General discussion

Locked

Windows 2000 Sever uprade from NT 4.0

By dgabbard ·
Looking for recommendatation from this inherited mess.

Single NT 4.0 PDC network (no bdc)
roughly 25 users.

The rights on the PDC are extremely vulnerable. The users have ability to access the entire server.

My thoughts are to bring W2k on as member server. Move user data files from pdc to member server.

Take the pdc down and use DCPROMO to create a new domain.

Everything I read for upgrading address a network with a pdc and at least one bdc.

thoughts?

This conversation is currently closed to new comments.

10 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Windows 2000 Sever uprade from NT 4.0

by cportman In reply to Windows 2000 Sever uprade ...

Not a bad idea with only 25 user accounts.

Starting from scratch can improve performance.

MSFT does provide a utility in the resource kit to migrate users from one domain to another. But it doesn't take much time to create 25 user accounts.
I would do what you described, but I would leave the NT4.0 domain controller up untill you are finished migrating- really no need to bring it down untill you know you have a sucessful migration.

The idea behind having a bdc is that if for some reason during the upgrade of the pdc it crashes you can bring the bdc on line and promote it.

Good Luck
cp

Collapse -

Windows 2000 Sever uprade from NT 4.0

by dgabbard In reply to Windows 2000 Sever uprade ...

Each response has been helpful, and along the same line. We went with adding a BDC, took the PDC offline and then upgraded the BDC to a PDC. This allowed us to be adventurous with the network without fear of losing data. We were going with W2K for learning experience and not for the companies benefit, therefore decided to stay with a NT4.0 network. Of course using a BDC and cleaning up the rights issues.

Thank you everyone for your input.
Doug

Collapse -

Windows 2000 Sever uprade from NT 4.0

by curlergirl In reply to Windows 2000 Sever uprade ...

One thought - your workstation accounts will no longer exist on the new domain after dcpromo-ing the Win2K server (even if you give it the same domain name), so if you've got Win2K or NT workstations, they'll all have to join the domain again. Of course, Win9x workstations won't have that problem. Another thought - if the old PDC isn't TOO old and has a robust enough configuration, you might consider upgrading it in place first, then adding another Win2K server to the domain and moving files as you've described. Then, you have your backup domain controller, and you wouldn't have to re-enter all your user account info. I've only done this once on a 2-3 year old NT 4 PDC, but it worked fine. Even in small shops like the one you're talking about, having a backup domain controller is a good idea when you have such an opportunity. Hope this helps!

Collapse -

Windows 2000 Sever uprade from NT 4.0

by dgabbard In reply to Windows 2000 Sever uprade ...

Each response has been helpful, and along the same line. We went with adding a BDC, took the PDC offline and then upgraded the BDC to a PDC. This allowed us to be adventurous with the network without fear of losing data. We were going with W2K for learning experience and not for the companies benefit, therefore decided to stay with a NT4.0 network. Of course using a BDC and cleaning up the rights issues.

Thank you everyone for your input.
Doug

Collapse -

Windows 2000 Sever uprade from NT 4.0

by Bhrdwh In reply to Windows 2000 Sever uprade ...

For 25 users, one NT PDC is ok, as even if it crashes you can create 25 users quickly. If no users are getting added you can continue with the existing setup BUT I suggest you go in for atleast one more BDC. to goin for Win2K, yes have two DCs.
Akash

Collapse -

Windows 2000 Sever uprade from NT 4.0

by dgabbard In reply to Windows 2000 Sever uprade ...

Each response has been helpful, and along the same line. We went with adding a BDC, took the PDC offline and then upgraded the BDC to a PDC. This allowed us to be adventurous with the network without fear of losing data. We were going with W2K for learning experience and not for the companies benefit, therefore decided to stay with a NT4.0 network. Of course using a BDC and cleaning up the rights issues.

Thank you everyone for your input.
Doug

Collapse -

Windows 2000 Sever uprade from NT 4.0

by LordInfidel In reply to Windows 2000 Sever uprade ...

First, Why do you need to go to win2k AD? (Don't get me wrong, I love 2K with AD)
Is there a valid reason to spend the cash?

But, If I inherited your network and was a little unsure about how to proceed,
the first thing I would do is to put another Server online and make it a BDC.

If you have <10 users then I would see having only 1 DC. But if that PDC
goes down /offline your users are screwed. Always, always have redundancy.
First rule of computing. (besides backing up and RTFM)Next use your BDC as your File server.

If your PDC is a high end server and your bdc is a low-ender.
I suggest then reversing roles. Make the High end the BDC
and the low end the PDC.

Collapse -

Windows 2000 Sever uprade from NT 4.0

by LordInfidel In reply to Windows 2000 Sever uprade ...

Keeping the files on the high end server that is now the bdc.

Get your domain users groups in order. Go thru USrmgr 4dom's and get rid
of the old groups. Place people into the new groups.

get your file structure under control and assign theappropiate rights
to each group. (Hint- Public/user files should not be on the system partition)
Tips- Only assign groups to group folders.
Users folders has 2 people assigned (domain admins and individual user)

Only Domain admins have full control and have full control over every file.
The highest level of permissions that should be given is change. Never
full control.

Your root drives should never be shared. Share permissions should be set
to everyone=full control. Nevercontrol access with share permissions, always
use NTFS permissions.


The point is, going over to 2K will not solve your problem, it just may add to it.
AD is a much harder beast to tame then classic NT domains.

Not to mention when you create a new domain, you will need to rejoin the client
machines to the new domain.

Look at this as a good oppurtunity to expand your knoweldge with the tools that
you have. It is a good place to learn some basic architecture.

get yourself some books on 2K before attempting to switch.
I would also suggest getting some on Nt4 and learning the domain models and
architecures.

good luck

Collapse -

Windows 2000 Sever uprade from NT 4.0

by dgabbard In reply to Windows 2000 Sever uprade ...

Poster rated this answer

Collapse -

Windows 2000 Sever uprade from NT 4.0

by dgabbard In reply to Windows 2000 Sever uprade ...

This question was closed by the author

Back to Windows Forum
10 total posts (Page 1 of 1)  

Related Discussions

Related Forums