General discussion

Locked

Windows 2000 Server

By daniel ·
Hi, we are in the beginning stages of migrating our network from NT4 to W2K, with the end result of W2K native mode w/ AD. We are setting up a test network, however, we would like to get some comments / advice from those who have already went through this migration. Some issues include:

Five NT4 BDCs are located at remote locations and are used as print servers / authentication for each location. When the new stand alone W2K server is replaced with the current NT BDC, is authentication across the WAN the same as long as all the TCP/IP settings the same as NT, or do we have to do anything else to the W2K server (keep in mind we are still running in a mixed domain with NT PDC at the main location).

When moving files from our NT4 standalone File Server to the new W2K Server, would permissions be retained? (I wasn't sure of moving files from NT server to W2K server)

We appreciate any comments / advice

Thanks,
Dan

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Windows 2000 Server

by timwalsh In reply to Windows 2000 Server

Your wording has me a little confused here so let me make sure I understand your goals. You will be placing a Win2K server at your remote sites to replace the current NT BDCs, but the Win2K servers will not be acting as Domain Controllers (DCs). Is this correct? Or is this an interim solution until you install Win2K at your main location? Whether the clients at the remote locations will now authenticate to your PDC will depend on whether or not they were specifically configured to use theirlocal BDC as their primary authentication server. They for sure will not authenticate to the Win2K server (as it isn't a DC).

BTW, if you are still running an NT4 PDC at your main location, you don't have a mixed domain as defined under Active Directory (AD)(although you may may have an NT4 domain and a parallel Win2K domain).

As a review, here are some hard rules dealing with AD, that cannot be broken.
1. An NT4 PDC CANNOT exist in a Win2K AD domain (but an NT4 BDC can).
2. A Win2K AD DC CANNOT exist in an NT4 domain (but a Win2K member server can).
3. Installing AD on ANY Win2K server will create a DC (and an AD domain if it doesn't exist).
4. To properly migrate an NT4 domain to a Win2K AD domain, you MUST install Win2K and AD on the NT4 PDC (will not work on a BDC).

As far as moving files:
Generally, when files are moved between volumes, the files will assume (inherit) the permissions of the parent folders the files are moved into. There is a utility available with the Win2K Server Resource Kit called Robocopy (robocopy.exe) that will let you copy files between volumes and keep their original permissions. Take a look at MS KnowledgeBase article 310316 for more inofrmation

Hope this helps.

Collapse -

Windows 2000 Server

by daniel In reply to Windows 2000 Server

Poster rated this answer

Collapse -

Windows 2000 Server

by Rabbit_Runner In reply to Windows 2000 Server

Hi, What Tim has said in the previous answer is quite correct. His perspective on the servers is all true.

In my answer I want to touch on the workstations. We do know what your clients are (eg. XP, 2000 Pro, NT4 workstation, Win9x, other) You did mention that you are using the current BDC's for authentiction. Here is my point, If you have any 'downlevel clients' (NT4, Win9x, other) then, after your upgrade to Win2K with AD, ALL downlevel clients will only authenticate with the new 2000 domain controller. Active directory creates a FSMO named 'PDC Emulator' and this is, by default on the first 2000 Domain Controller. Sooooo, if your clients are located in remote locations, they will need to have a connection to the 2000 DC at themain site. This will also require WINS as well as DNS. A WINS server will need to be located at each location and be synchronized. This will allow your clients to locate the 2000 DC, and then authenticate through your network connection to the main site. Bandwidth may be a requirement, because if your client cannot authenticate in adequate time, the logon will 'time-out'.

However, if all of your clients are 2000 Pro or XP, then the above should not be a problem. But your DNS settings will need to be pointing to your 2000 AD DNS server.

Hope this helps.

Collapse -

Windows 2000 Server

by Rabbit_Runner In reply to Windows 2000 Server

Correction.......
We do NOT know what your clients are (eg. XP, 2000 Pro, NT4 workstation, Win9x, other)

Collapse -

Windows 2000 Server

by daniel In reply to Windows 2000 Server

Poster rated this answer

Collapse -

Windows 2000 Server

by daniel In reply to Windows 2000 Server

This question was closed by the author

Back to Windows Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums