Migrating to Windows Server 2008 - Migration Steps: AD, DNS
(Page 2 of 4 )
The most important consideration is that the steps of the migration must be accomplished in a somewhat strict order. There is a general step-by-step guide to the entire process that should be followed. First of all, the already-existing Active Directory® (AD) forest schema must be prepared ("adprep /forestprep") for the introduction of a new Domain Controller running on Windows Server 2008.
Once this is done, the next step is to prepare the infrastructure master of the domain ("adprep /domainprep"). This prepares the domain for the introduction of a new domain controller. These commands should be run as administrators under the server that holds the FSMO roles (flexible single master operations). If there is more than one domain, then don't forget to run the latter command on each of them. Think about it like this: each one of them must be prepared individually. From this perspective, it all makes sense.
A few pointers regarding these commands: the first one must be run under a user that is part of the Schema Admins and Enterprise Admins, while the latter needs the administrator user to be a member of the Domain Admins group. Not meeting these requirements will result in an error due to not having the necessary credentials.
The first forest preparation is going to take a while...be patient. However, the second domain preparation is much faster-almost instantaneous. We should also point out that if your current domain controller isn't running on native mode (i.e.; mixed), then fire up your "AD Domains and Trusts" MMC snap-in and raise the domain functional level to native (such as Windows Server 2000 native, Windows Server 2003, etc.).
Technically, after performing these two preliminary steps, the forest schema and the domain(s) are prepared for Windows Server 2008. This means that you just need to join this new server into the domain(s). For the sake of simplicity, we'll assume that we're working only with one domain. Now that you have joined the server to the domain you need to promote it up to Domain Controller (DC).
The next step is transferring the DNS records. Fortunately, all of the DNS zones data and server configuration files are fully compatible from Windows Server 2003 to Windows Server 2008. This simplifies the process. All that's left to do is create secondary zones on your new Server 2008 for all of your existing zones. But to do this on Windows Server 2008, it must have installed the role of DNS.
After all of the DNS records are transferred to Windows Server 2008 (meaning the zone transfers are finished), then you need to convert these secondary zones to primary ones. Ideally, you should integrate them into Active Directory Domain Services (AD DS). These are called AD-integrated DNS zones. But you can only do this if the DNS service runs on the same server that is a Domain Controller (DC).
Optionally, if you are planning to continue running the existing primary masters as DNS servers, then just convert the DNS zones to secondary zones on those servers. Now this step sums up the migration of DNS role; it's time to move on.
Next: Migration Steps: FSMO Roles >>
More BrainDump Articles
More By Barzan "Tony" Antal
