At some point, you may have to bite the bullet and migrate from Windows NT to Windows 2000. The trick to successfully making the move is to get the task done without affecting your current network. While you can bring Windows 2000 into your network in a mixed-mode configuration and use it in conjunction with your existing NT 4 configuration, this only delays the inevitable: making the final change to a pure Windows 2000 Active Directory network. One product that can make this change easier is FastLane Migrator from Quest Software. In this Daily Drill Down, I’ll show you how it works.

Exchange issues

FastLane Migrator offers two different migration methods—NT Users Only or NT Users With Exchange Support. For the purposes of this Daily Drill Down, I’ll concentrate on just the NT User migration support. When making any kind of a change to the network, the best rule to use is KISS (Keep It Simple, Stupid). Not every organization uses Exchange 5.5 for their network mail server, and those that do probably won’t be making the jump to Exchange 2000 at the same time they go to Windows 2000.

Your fast lane to easy migrations
FastLane Migrator can help you consolidate multiple NT 4 domains into a single Windows 2000 Active Directory network. You might think that only larger companies would need to consolidate multiple domains, but that’s not always the case. Smaller organizations can find themselves saddled with the problem of multiple domains as networks pop up randomly in response to departmental needs. FastLane Migrator can eliminate a lot of the hassle of bringing multiple NT domains together and integrating them into a single Active Directory tree.

Getting ready for migration
The first thing to do when getting ready to run FastLane Migrator is to make sure that your servers (both Windows 2000 and NT 4) are ready for the process. Verify that your servers all have the latest available patches from Microsoft. On the NT 4 side, make sure that your servers don’t have any WINS or RPC problems before starting. Put a freeze on any user or rights changes for several hours at a minimum to give things time to completely replicate between servers.

Once the servers are squared away, make at least one good backup—preferably two—of each of the NT 4 and Windows 2000 domain controllers on your network. While this may seem like preaching to the choir, a good tape backup can be your lifeline to a quick recovery in the event of a problem. You may be content to go with just one tape backup, but having two backup tapes prevents a tape- or drive-related problem from leaving you without a safety net.

Check to be sure that you have the latest updates installed for your tape backups software package, as well as any backup agents needed on the servers that you’ll be backing up. If you’re using Veritas Backup Exec, this process is easy. The update/patch file that you download is applied to the backup server as well as the backup agents residing on other servers, so you have to get only one file and install it multiple times to bring everything up to date.

Installing FastLane Migrator
Once you have everything ready, you can start to install FastLane Migrator. Put the FastLane Migrator CD in the CD-ROM drive of the server from which you’ll be running the product. This should be the domain controller on one of the Windows 2000 servers. If the Install program doesn’t start automatically after the drive has spun up, run Setup.exe from the CD-ROM drive.

When the Wise Install Wizard screen appears, click Next to continue. Review and accept the license agreement, and click Next. When the Customer Information screen appears, enter the user name and organization name for your company. You have the option of installing the application for anyone who uses this computer or just for the user that is currently logged in. You’ll need to decide which option to use based on the number and type of individuals that log in to this server with distinct user identifications. The best level of security would be to restrict access to the application to the currently logged-in user. This means that only this user will be able to use the application.

The next screen asks you to choose the type of installation you want to perform. Unless you’re working with Quest on your particular rollout or have someone who is experienced with the product helping you, you should select the Complete option and click Next to continue.

Next, you must set up the Service Account that FastLane Migrator will use for its migration tasks. You’ll see on the screen that the service account for FastLane Migrator must have at least Backup Operator rights. According to Solution 2037 on Quest’s Support Web site, the service account must also have Local Administrator rights. Unless you have security procedures that dictate otherwise, I recommend using the Administrator login account since you’ll probably be uninstalling this software after you’ve finished using it.

Once you’ve entered the Domain name, user name, and password for the service account, click Next to continue. You’ll get a pop-up window that advises that the account has been granted the Log On As A Service right. Click OK to close this window and proceed.

Next you’ll select the type of database for FastLane Migrator to use. The two options are Access and SQL. The Microsoft Access option should be selected by default. Unless you happened to already have MS SQL up and running or you’ll be doing a very large migration (i.e., several thousand users), I’d go with the Access option to make things a little easier to handle. Click Next to continue.

At this point, FastLane Migrator has everything it needs to install. You’ll see a screen confirming this. Click Install to start the actual installation. A status screen will appear to let you know how the installation is proceeding.

When the installation has finished, you’ll be prompted with a FastLane Registration screen. Enter the Activation key you should have received with the product. Verify that the checksum value on the screen agrees with the information you have, and click Register. Once the key has been accepted, a Registration Success message will pop up on the screen. Click OK to continue.

Using FastLane Migrator
Now that you’ve installed FastLane Migrator, you’re ready to begin using it. You can start it by clicking Programs | Quest Software | FastLane Migrator.

There are two ways to migrate objects: one at a time, or by setting up a project that allows you to move a large number of objects all at once. When to use each will depend on your particular migration.

If you’re moving users from an NT 4 domain to a Windows 2000 Active Directory domain as you give them new machines, the one-at-a-time option is a better choice. If you’re moving most or all of your users at one time, then the project approach will be the better way to go.

Migrating objects one at a time
To migrate objects one at a time, you can use the Migrator application from the FastLane Migrator. When you bring it up, you’ll see Source and Target windows. The first thing that you need to do is to choose the domain you’re moving the users from (i.e., Source domain) and the domain you’re migrating the users to (i.e., Target domain).

To choose the domains you’re going to work with, you can either press [Ctrl]A or click Edit | Add/Remove Domains. You’ll then see the Select Domains To Add / Remove window. To select a domain to work with as either Source or Target, click the domain you want to work with and click on the Greater Than (>) button to move the domain from the Available Domains column to the Domains And Forests column. If the screen doesn’t show any domains when it first appears on the screen, clicking the Refresh Domains button should show all of the domains that are currently available on your network. After you’ve selected the domains you’re going to work with, click OK to return to the FastLane Migrator screen.

In the Source window, click the domain from which to migrate users. When you do, a plus sign should appear to the left of the domain name and the available items that can be migrated. In the Target window, do the same thing for the domain to which you’re migrating the users and/or other objects. As with the domain in the Source window, you should see a plus sign on the domain name you clicked as well as a list of the object categories you can transfer the items from the source domain into.

As an example, I’ll show you how to move one user from an NT4 domain to a newly created Windows 2000 Active Directory domain. Click the user you want to move from the NT 4 domain and drag the user to the Users container in the Windows 2000 domain. When you release the mouse button, a pop-up message will ask you to confirm that you want to begin the migration of the selected items. Click Yes to begin the migration.

A screen will appear indicating that preprocessing has occurred on the selected objects and informing you of any problems. As a final check, make sure that the correct domain names are shown for the source and target domain names. If everything is as it should be, click Migrate Now.

Depending on the size of the domains you’re transferring objects to and from, it may take a while before the objects totally disappear from one domain and appear in the other.

When the migration process has finished, a postmigration report that uses Notepad will show up on the screen. Look at this report closely to make sure that everything is where it should be.

Using projects for large-scale migrations
If you’re doing more of a wholesale migration of users, groups, and so on from one domain to another, using a project and the Migration Guide portion of FastLane Migrator is the way to go. You get to the Project portion of FastLane Migrator by clicking Project | Migration Guide on the menu bar. When the Migration Guide appears, the first thing you’ll want to do is click Create A New Project. This creates a file that FastLane Migrator will use to move the items between domains that you’ve selected.

After you’ve clicked Create A New Project, a Save As dialog box will appear on the screen. Enter a name for the project in the file name field and click Save.

Next you’ll go through the different items that you want to transfer. As you go through each category, a wizard will make sure you don’t forget any required step along the way.

One thing you’ll notice about the Project interface as opposed to the main FastLane Migrator console (also known as the drag-and-drop interface) is that you go through a series of questions that ensure you’re moving from the correct source domain to the correct target domain and that you have the appropriate properties of each item. Once you’ve selected the items to be migrated and begun the process, the screens you’ll see in terms of pre- and postprocessing will be very similar.

Get in the FastLane
I’ve described only a small portion of what FastLane Migrator can do for you. It has other tools that will check for Admin level access on accounts so that a login ID will still do what it’s supposed to when you transfer it from one domain to another. Another tool that makes FastLane Migrator ideal when consolidating domains is the DC/Mover wizard. This tool can save you a lot of grief as you move a domain controller from one domain to another.

Making any domain-level changes is never a thing to do without extensive preparation. FastLane Migrator is a good tool to have on hand, whether you’re migrating users en masse or moving just a few users at a time. FastLane Migrator gives you such a reliable safety net that you’d almost think that someone is looking over your shoulder. As you start to make the move from NT 4 to Windows 2000 Active Directory, this is one tool that can make your life a little easier.