Archived from groups: microsoft.public.windowsnt.domain (
More info?)
Hi Rebecca,
Thanks for your reply, much appreciated. I didn't mean to cross-posting but
I wasn't sure which newsgroup is more appropriate for posting my question.
Just to make sure I understand the whole process, I'll list them below:
a) install NT4 onto new server in remote office as BDC (NT4 Domain), ensure
this server can communicate to existing PDC
b) promote remote office BDC as PDC? (is this a necessary step, can it
remain as BDC)
c) install Windows 2003 Server and run dcpromo to promote as Domain
Controller? (not sure about this step, as I've never done it before. Or
during install of W2K3, it will recognize existing domain structure and
upgrade the domain controller during install)
d) apply registry emulator for NT4 onto W2K3 server
e) at this point, can I demote the W2K3 from PDC back to BDC, and elect
another BDC from the main office as PDC?
Thanks again for your help,
Simon
""Rebecca Chen [MSFT]"" <v-rebc@online.microsoft.com> wrote in message
news:zibwxTQZFHA.388@TK2MSFTNGXA01.phx.gbl...
> Hi Simon,
>
> Thanks for the posting!
>
> I have read the thread you posted in both
> microsoft.public.windowsnt.domain
> and the microsoft.public.windows.server.active_directory newsgroups, and
> understand you plan to configure the remote site win2k3 server.
>
> Since you need to go oversea to configure the remote win2k3 site and this
> question may require a bit more in depth attention and may fall under the
> umbrella of Advisory Services. You may consider contacting Microsoft
> Advisory Services to get more information. For more information on
> Advisory
> Services, please see the following URL:
>
http://support.microsoft.com/Directory/WORLDWIDE/EN-AU/advisory/default.htm
>
> You may also contacting Microsoft phone support engineer about this
> question:
> To obtain the phone numbers for a specific technology request please take
> a
> look at the web site listed below.
>
http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS
>
> If you are outside the US please see
>
http://support.microsoft.com for regional support phone numbers.
>
> I would like to provide some personal experience about your scenario. It
> seems you will set the remote win2k3 in the same domain as NT PDC, I mean
> if the NT domain called OldDomain, you plan to add the win2k3 to OldDomain
> in the remote site. If this is the case, you need to perform a non-in
> place
> upgrade process in the remote site.
>
> - Install BDC on the new box in the remote site, let us call it
> win2k3Machine. Here, please make sure you can ping though between
> win2k3Machine and the old NT machine. You need to pay attention to the
> firewall to allow the firewall open the port to allow the win2k3Machine
> can
> communicate with old NT PDC.
>
> - Promote a Windows NT 4.0 BDC to the PDC, which demotes the PDC to
> a BDC.
> - Adding the NT4mulator registry on win2k3 server. This step is
> optional but recommend, adding this registry on the win2k3 server will
> make
> the win2k3 server act like a NT server rather than a win2k3 DC. it would
> be
> easier to communicate with NT and the down level clients. You can continue
> using Unix DNS in the network as if you are in NT domain.
>
> Configure Protection From Domain Controller Overload
>
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/DepKi
> t/4e72dc59-0241-4666-bed9-075b78ba0884.mspx
>
> 298713 How to prevent overloading on the first domain controller during
> domain
>
http://support.microsoft.com/?id=298713
>
> - Upgrade the new PDC to Windows Server 2003. If you want to expand
> the boot partition, please refer to the following KB:
> 325857 How To Expand the Boot Partition During a Windows Server 2003
> Upgrade
>
http://support.microsoft.com/?id=325857
>
> - Use the Windows Server 2003 Active Directory wizard to turn on
> the
> Active Directory service. The Active Directory service imports the
> existing
> user accounts, groups, and other settings from the PDC.
>
> IMPORTANT: You can choose the domain function level to use the interim
> mode
> when installing AD on win2k3 server. Your understanding is correct that
> interim mode is the correct domain function level when win2k3 and NT
> coexists in the network. However, if you add NT4emualtor registry, you can
> use the mixed function level since the win2k3 will act like a NT PDC. For
> more details about the Interim mode, please refer to the following
> article,
> " Interim Level - Upgrade from a Windows NT 4.0 Domain ":
>
> How to raise domain and forest functional levels in Windows Server 2003
>
http://support.microsoft.com/kb/322692
>
> - Install WINS on win2k3Machine and make sure it replicates with
> the
> remote old NT DC for name resolution.
>
> - Run your new Windows Server 2003 domain controller with Active Directory
> for a test period.
>
> By using the steps above, you have upgraded the NT domain to the win2k3
> domain and retained the domain name. However, please note now the primary
> domain controller is win2k3 server in the remote site.
>
> Please know it is possible that there are some problems when you browse My
> Network Places in view the remote site due to many factors, one of the
> possibility is to pay attention the firewall configuration. It is also
> recommend you visit the remote site via UNC like \\win2k3machine instead
> of
> open My Network Places.
>
> With regards to the question of DNS in win2k3 domain, AD-integrated DNS is
> recommended, however, you can use Unix DNS as a temporarily workaround.
> You
> may take a look at the following article:
>
http://www.avidware.net/Linux/Windows-2003-linux-dns-server.asp
>
> On other hand, win2k3 DNS can also serve Linux or UNIX client, it would be
> better than you install AD-integrated DNS and serve for unix client:
>
> How DNS Works
>
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechR
> ef/19a63021-cc53-4ded-a7a3-abaf82e7fb7c.mspx
>
> HTH!
>
> If you have any question, please contact Microsoft Advisory service or the
> phone support engineer.
>
> Best regards,
>
> Rebecca Chen
>
> MCSE2000 MCDBA CCNA
>
>
> Microsoft Online Partner Support
> Get Secure! - www.microsoft.com/security
>
> =====================================================
>
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
>
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>