Migrating NT 4 Accounts to Win2k Server

[Diane]

Archived from groups: microsoft.public.win2000.general (More info?)

(also posted in win2K AD)
We current have an NT 4 PDC used for network logons (about 60 users) and a
few older apps (it is the only NT 4 box - no BDCs). We realize this
situation is not good and want to migrate as much as possible to an existing
win2k domain used primarily for email. We need to maintain the desktop
profiles and migrate any other system and computer accounts needed. The
win2k (mixed mode) domain already has the same users and computers in AD.
We have kept the user account information and passwords the same in both
domains. We have been advised to look at ADMT. It looks like a possible
tool to use, however, we discovered we have to go to native mode on the win2k
domain to run any trial migration tests - which we plan to do.

My questions are:
1. How do we get the user accounts to the AD (since they already exist)
and effectively "add" the NT profile/security info. to their win2k
information without causing issues with their current win2k accounts/email
(exchange 2000 - going to 2003) ?
2. Which of the NT4 system accounts, if any, will we need to migrate?
3. Do we need to migrate any computer accounts from the NT4 box since the
computers already exist in the win2k AD?
4. Users will still need access to the NT4 box for some of the older apps.
The firm has been reluctant to upgrade to newer versions for cost reasons.
Will going to native mode in the win2k domain have any impact on the NT to
win2k domains trusts currently in place (i.e. they won't work)? I have
tried to find information on what going to native mode actually means (other
then you can't have nt4 systems in the domain). How much risk is there
(since you can't go back)?

Thanks for your help and guidance - your suggestions or pointers to
resources would be much appreciated. This is a small firm with no spare
systems to experiment on, so we need to find a good process for making this
happen.

 

[Guest]

Archived from groups: microsoft.public.win2000.general (More info?)

Standard MCSE question. If I remember right, the process goes somehting
like this:

0) back up everything
0a) plan your new tree design
1) upgrade BDCs to win2k BDC emulators
2) upgrade PDC wo win2k PDC emulator
3) upgrade domain to mixed-mode AD (there is a wizard that does all this for
you)
4) upgrade member servers to Win2k and add to AD
5) upgrade AD to native mode

My question is: why would you want/need to do this if the current system
works?


"Diane" <Diane@discussions.microsoft.com> wrote in message
news:714922B8-F52B-4DC3-A52F-CE480B56B8B8@microsoft.com...
> (also posted in win2K AD)
> We current have an NT 4 PDC used for network logons (about 60 users) and a
> few older apps (it is the only NT 4 box - no BDCs). We realize this
> situation is not good and want to migrate as much as possible to an
> existing
> win2k domain used primarily for email. We need to maintain the desktop
> profiles and migrate any other system and computer accounts needed. The
> win2k (mixed mode) domain already has the same users and computers in AD.
> We have kept the user account information and passwords the same in both
> domains. We have been advised to look at ADMT. It looks like a possible
> tool to use, however, we discovered we have to go to native mode on the
> win2k
> domain to run any trial migration tests - which we plan to do.
>
> My questions are:
> 1. How do we get the user accounts to the AD (since they already exist)
> and effectively "add" the NT profile/security info. to their win2k
> information without causing issues with their current win2k accounts/email
> (exchange 2000 - going to 2003) ?
> 2. Which of the NT4 system accounts, if any, will we need to migrate?
> 3. Do we need to migrate any computer accounts from the NT4 box since the
> computers already exist in the win2k AD?
> 4. Users will still need access to the NT4 box for some of the older
> apps.
> The firm has been reluctant to upgrade to newer versions for cost reasons.
> Will going to native mode in the win2k domain have any impact on the NT to
> win2k domains trusts currently in place (i.e. they won't work)? I have
> tried to find information on what going to native mode actually means
> (other
> then you can't have nt4 systems in the domain). How much risk is there
> (since you can't go back)?
>
> Thanks for your help and guidance - your suggestions or pointers to
> resources would be much appreciated. This is a small firm with no spare
> systems to experiment on, so we need to find a good process for making
> this
> happen.
>
>
>
>

 

[Diane]

Archived from groups: microsoft.public.win2000.general (More info?)

Hi,

Thanks but I need some help following your response with respect to the
issue we believe is at hand. To clarify,

- We don't want to upgrade the NT4 PDC to win2k. The goal is to
decommission it after we move the account information and resolve issues with
old software (that does not run on win2k, per the vendor). It's got *no*
disk space and the firm does not want to put money into it since it's going
on 5+ yrs old.
- We now have 2 seperate domains, (1) win2k for email with AD and 2 DCs
(mixed mode) and (2) a single NT 4 PDC (NO BDCs).
- Yes, it works, but if the NT PDC dies, no one can logon to the network
with their current profiles. So we want to reduce the impact of the PDC
dying by moving everything off of it that we can and advising the management
(again) of the remaining business risk from not upgrading some really old
apps.

We understood we needed to move the account profiles somehow to the win2k
domain to mitigate the network logon issues. If there's another way, we're
happy to investigate other alternatives and appreciate any pointers you can
give us.

Diane


"Diane" wrote:

> (also posted in win2K AD)
> We current have an NT 4 PDC used for network logons (about 60 users) and a
> few older apps (it is the only NT 4 box - no BDCs). We realize this
> situation is not good and want to migrate as much as possible to an existing
> win2k domain used primarily for email. We need to maintain the desktop
> profiles and migrate any other system and computer accounts needed. The
> win2k (mixed mode) domain already has the same users and computers in AD.
> We have kept the user account information and passwords the same in both
> domains. We have been advised to look at ADMT. It looks like a possible
> tool to use, however, we discovered we have to go to native mode on the win2k
> domain to run any trial migration tests - which we plan to do.
>
> My questions are:
> 1. How do we get the user accounts to the AD (since they already exist)
> and effectively "add" the NT profile/security info. to their win2k
> information without causing issues with their current win2k accounts/email
> (exchange 2000 - going to 2003) ?
> 2. Which of the NT4 system accounts, if any, will we need to migrate?
> 3. Do we need to migrate any computer accounts from the NT4 box since the
> computers already exist in the win2k AD?
> 4. Users will still need access to the NT4 box for some of the older apps.
> The firm has been reluctant to upgrade to newer versions for cost reasons.
> Will going to native mode in the win2k domain have any impact on the NT to
> win2k domains trusts currently in place (i.e. they won't work)? I have
> tried to find information on what going to native mode actually means (other
> then you can't have nt4 systems in the domain). How much risk is there
> (since you can't go back)?
>
> Thanks for your help and guidance - your suggestions or pointers to
> resources would be much appreciated. This is a small firm with no spare
> systems to experiment on, so we need to find a good process for making this
> happen.
>
>
>
>