Windows Insider

A Real-World Upgrade

In the non-Microsoft-exam world, there are serious budget constraints, manpower shortages and management conflicts over upgrading.

Have you ever noticed that the domain upgrade scenarios in Microsoft documentation and the certification exams read like scenes from an episode of “Lifestyles of the Rich and Famous?” You, the administrator, are invited to imagine yourself as the sole network systems architect for a company with 50,000 users in a hundred locations scattered all over the globe. You have an unlimited budget to implement whatever domain configuration meets the design goals in the product documentation and best practice white papers. You can deploy your designs without the need for collaboration with colleagues or approval by managers. The result of your efforts is a sublime amalgam of technical excellence and design elegance. You take a bow toward the footlights then stroll solemnly off-stage.

Meet Ann
The real world is somewhat less glamorous. Take this situation, for example. Ann is a systems technician for a small network support firm in Toledo, Ohio. One of her clients is a company that builds custom plastic shelves for convenience stores. The owner of this company has a well-deserved reputation for “spending both sides of a nickel.” Here’s the company’s current system configuration.

The main office has 15 employees, all of whom use thin clients that connect to a server running Windows NT 4.0 Terminal Services Edition. This server has two 400 MHz PIII processors. It was recently upgraded to 512MB of RAM using memory taken from the desktop of the owner’s business partner after a motherboard failure. The company’s assembly plant, located across town, has eight employees who also use thin clients to connect to the terminal server in the home office. The thin client units were purchased at the bankruptcy auction of a cell phone reseller. They are configured to use RDP as the wire protocol. Ann uses a short logon script to configure drive mappings and printer connections; but otherwise the users are free to manage their own virtual desktops.

Old Apps, Old Servers
The company bookkeeper keeps her financial records using a 16-bit Windows application that runs on NT but isn’t compatible with terminal services. Ann has installed the application on a PC that doubles as a terminal server client. The company owner also uses a PC, partly because he thinks a thin client doesn’t befit his role as CEO and partly because the terminal server bogs down too much when he runs Microsoft Golf.

The NT domain name is NT-DOM. The PDC for the domain is a 90MHz PII desktop with 128MB of RAM. The PDC also provides WINS and DHCP services, runs Exchange 5.5, and has two modems for the company’s salespeople to use for dial-in. The last time Ann took the skin off the PDC, the dust inside was so thick that everyone in the office had allergic attacks for a week.

The company contracts its DNS and Internet e-mail to an ISP that also hosts the company Web site, www.shelfware.biz. The company has changed Internet providers three times in three years, each time to a provider with a lower price. The Exchange server has an Internet mail connector that failed a few months ago so everyone pulls their Internet e-mail from the ISP mail server using an Outlook POP3 client while sending their internal e-mail using Exchange.

The main office has a BDC that also acts as a file and print server. The BDC is a 533 MHz PIII desktop with 128MB of RAM, an IDE boot disk, and three-disk SCSI array configured as a fault tolerant disk set with 18GB of usable storage. A DAT4 tape backup unit is attached to the external SCSI interface. Ann has configured an NTBackup job to capture as much of the volume as will fit on a single tape. The bookkeeper rotates the tapes using a calendar with each day of the week shaded with a highlighter that corresponds to a color on the tape label. The tapes have been in use since the start of former president Clinton’s second term in office. Ann has cautioned the owner about the need for off-site tape storage, so every once in a while he nabs a tape and sticks it in his briefcase. When the bookkeeper remembers to complain about the missing tape, he brings it back.

The network connection between the two offices consists of a SOHO router in each location that acts as a NAT interface to the Internet via a symmetrical DSL line with 256K capacity. Every once in a while, high latency on the Internet connection causes the remote office users to lose their terminal server session. They can log right back on and regain their sessions, so the owner won’t spend money on a dedicated frame relay connection.

That’s the gist of the configuration. Ann looks in every couple of weeks to check the event logs and reboot the servers.

The Upgrade
Left to itself, this little system and hundreds of thousands of others just like it would continue to putt along quite nicely for many years, but Microsoft has decried an end to NT support in 2003, and Ann is reluctant to leave her client on an operating system that lacks official standing with its vendor. She originally planned on upgrading to Windows 2000, but she’s been following the public newsgroups and knows that Windows .NET has great new features. Since .NET is due for release about the same time as the owner’s annual vacation, she decides to use it for her upgrades. Here’s a summary of the challenges that she faces as she sets out her plans.

Naming
Ann wants to change the current domain name, NT-DOM, to one that matches the company’s registered Internet name, Shelfware.biz. Ordinarily, the flat NetBIOS name of an AD domain is derived from the leftmost element of the hierarchical DNS name, but this is not an absolute requirement. Ann plans on using the domain rename feature in .NET to change the flat name after she finishes the upgrade.

DNS
The DNS server at the company’s ISP doesn’t support Service Locator (SRV) records, so Ann decides to install DNS on the .NET domain controllers. She avoids the temptation to install DNS in conjunction with the PDC upgrade. Instead, she installs .NET on one of the new machines as a member server then installs DNS with a standard primary zone. Later on, she’ll promote this machine to be a DC and integrate the zone into AD. The DNS server forwards to the ISP’s DNS server.

Domain Controller Hardware
The current PDC and BDC scarcely have sufficient resources to run NT, much less .NET, so Ann buys a couple of new P4 desktops with 256MB RAM. She decides to use a leapfrog approach to the PDC hardware upgrade. She installs NT 4.0 SP6a on one of the new machines and makes it a BDC. She then promotes it to PDC, which automatically demotes the existing PDC to a BDC. She upgrades the newly promoted PDC to .NET and, when that completes successfully, she promotes the .NET member server to a DC.

Rather than upgrade the existing BDC, which is also the file and print server, Ann originally planned to transfer the SCSI adapter and drives to the .NET member server. She’s disturbed to discover, however, that .NET doesn’t support NT-style fault tolerant disk sets. She finds an inexpensive IDE RAID controller and installs it along with two 20GB drives into the new machine. She mirrors the drives and copies the data files from the old BDC using the xcopy /o command to retain any special permissions that exist on the files and folders.

Once all data and services have been transferred from the BDC, Ann can remove it from the network and rename the .NET DC to the same name (a feature not available in Win2K.) This retains compatibility with drive mappings and shortcuts on the user desktops.

Ann keeps the BDC in reserve for a while in case a calamity causes a loss of AD. At some point in the future, she can format the hard drive and repurpose the machine.

Backups
Ann plans on transferring the SCSI controller and tape backup unit to the new file and print server and to use the built-in scheduler in NTBackup to build her nightly backup job. She found a three-tape DAT4 library on eBay and plans on using the Removable Storage Manager feature in .NET (also present in Win2K) to drive the library so she can get a full backup of all the critical servers each night. To avoid the necessity for naming each tape, she puts the /um (unmanaged) switch on the command line of the backup job. She trains the bookkeeper about the new tape rotation.

E-mail
Exchange 2000 can’t run on a .NET server because of incompatibilities with the rewritten IIS in .NET. Exchange 2000 relies on IIS to provide SMTP, NNTP, POP3 and IMAP4 services. Ann has no plans to upgrade from Exchange 5.5, however, so this lack of support doesn’t concern her. She installs Exchange 5.5 on one of the Win2K servers and moves the user mailboxes to the new server. She installs a new Internet connector and successfully configures it to route mail. With this service removed from the old PDC, she can now retire the machine.

If Ann decides to upgrade to Exchange 2000 in the future, she can install a new Win2K member server and use it as a platform for Exchange. The schema modifications performed during the Exchange 2000 installation are compatible with the .NET schema.

TCP/IP Services and Scripts
The old PDC, now demoted to a BDC, still runs DHCP and WINS. Ann decides to transfer the TCP/IP services to the newly upgraded PDC. She moves DHCP using the procedure in KnowledgeBase article Q130642, “How To Move a DHCP Database to Another Windows Server.” In brief, this procedure involves saving the NT DHCP Registry key to a file then copying the key and the DHCP database to the Win2K server and starting up DHCP services in such a way that the database is converted and the keys aren’t overwritten.

The WINS database requires much less work. Ann simply removes WINS from the demoted BDC and installs WINS on the new Win2K DC. She reconfigures the other servers and the two desktops to point at the new WINS server and runs:

nbtstat –RR

to register their resource records. Ordinarily, because Ann uses logon scripts in NT 4.0, she’d need to reconfigure NETLOGON replication to use a classic BDC as an export server because neither .NET nor Win2K supports classic LMRepl. However, because she’s upgrading the entire system at once, she plans to use group policies to control the terminal server sessions.

Dial-in Services
Rather than moving the modems to one of the new .NET DCs, Ann plans to enable the RRAS service on one of the servers to accept VPN connections. If she can get the SOHO firewall to accept tunneling IPSec in .NET, then she’ll use L2TP as the VPN. Otherwise, she’ll use PPTP.

Terminal Services
Ann is excited about the new terminal server features in .NET, but she has a couple of problems ahead of her. First is money. To run Win2K or .NET as an application terminal server, Ann must install Licensing Services and populate the license database with Terminal Server Client Access Licenses (TSCals) for her thin clients. This turns out to be a significant expense. She only has 90 days to obtain the licenses after upgrading the terminal server, so she needs to come up with compelling reasons to give the owner prior to upgrading the server. Those reasons include much faster performance, fewer problems with the high-latency connection between offices, greater color density, automatic printer/serial port redirection, and better encryption support on the data streams coming across the Internet from the assembly plant.

She’s also likely to encounter problems with her thin client units. RDP-based thin clients use a CE operating system that must be upgraded to CE .NET to support the latest version of RDP in .NET. If Ann’s fortunate enough to have thin clients that support a CE .NET upgrade, then all’s well. If not, the clients won’t take advantage of the greater color density, automatic printer/serial port redirection or other new .NET terminal server features.

The existing terminal server doesn’t meet the minimum CPU speed requirements for a .NET server, but Ann isn’t about to talk the owner into getting rid of a two-processor server for the sake of a few hundred MHz of processor speed. She’s fortunate that she doesn’t have a four-processor server, because that would require installing .NET Enterprise at a significant price differential.

One Long Weekend
All in all, Ann is looking at a single day of work over a weekend to do the entire upgrade, assuming that nothing goes wrong. She uses the same plan to upgrade the remainder of her clients in Toledo and still has time to go to a few Mudhen games.

comments powered by Disqus

Reader Comments:

Mon, Jun 9, 2003 Andy Massachusetts

I would have told Ann to take a loooooong walk. As a MCSE who runs client networks for a living, I would have attacked the scenario very diffrently. Nice Try Ann. Go back to Rocco's school of inept networking...

Tue, Jan 7, 2003 Ron Florida

This is a great article and really got a chuckle out of me. Everything in the article brought back memories of the way I have seen some companies operate. I agree totally with the scenario vs the real world. This situation is even more dramatic when a local govt agency is involved.

Thu, Dec 26, 2002 Michael West Worcester, MA

All I could do was smile as I read it. Very real situation. The small business is out there and they do have IT needs just like the Enterprise. As a consultant, I would inform the owner of NT 4.0 Server's future and left it in place. Just because Microsoft isn't going to support it, doesn't mean we have to stop using it. Heck, they really don't support any of their products that well. It everyday users and consultants who share their stories on forums that support end up being a better support resource than Microsoft.

Ann needs to rethink the time involved in this project. NO WAY she's going to complete it in a day. She better start Friday night and work through the weekend. She also has to show up on Monday AM to make sure everything isn't working.

I'd love to see "Mr. Penny Pincher's" face when he gets Ann's bill.

Wed, Dec 11, 2002 Fred Anonymous

Finally, A real world scenario where miracles are expected with no additional funding and are put together with spare parts. Ann needs to remember that something always goes wrong and that she will have to include additional drive space to allow room for the 25GBs that the CEO's mailbox consumes because he keeps anything ever emailed to him.

Wed, Dec 11, 2002 Jonathan Dallas

Excellent article... more like this would be a tremendous asset to your publications

Wed, Dec 11, 2002 Michael Anonymous

Great article. I'd like to see more just like it.

Wed, Dec 11, 2002 MCSE Veteran Anonymous

Interesting article, but microscopic companies such as these hardly require a full time support person. The scenarios MS develops have a lot of similarities to enterprises. In my experience I have purchased several hundred thousands of server hardware and software to do a migration. And a migration is not done in a weekend, it takes many months to years even. Before that can happen you have to write documentation supporting the project charter and return on investment.

In fact, you spend more time writing documentation than anything else so I hope you all MCSE hopefuls have some technical writing classes under your belts.

Wed, Dec 11, 2002 Anonymous Anonymous

One major flaw of the whole plan is buried in the sentence which includes "assuming that nothing goes wrong". While this is a small environment and the plan seems well thought out, something is bound to go wrong, that is a fact. Hardware failures, corruption of files, stubborn services that refuse to cooperate, and technician fatigue are nearly guaranteed in such a project. But you hit a home run with the planning portion. Looks good.

Wed, Dec 11, 2002 Bob New Jersey

Great comedy writing as well as good real world advice, especially as to how to reposition the PDC role for the upgrade.

Some additional ideas from our experience with small companies:

1) If you do not need the groupware functions of Exchange, avoid internal email management by using an external ISP. It is much simpler to manage and is one less point of exposure to the outside.

2) If you have a static web site, let the ISP handle it. With all Internet servers (web and email) outside, no router on your LAN need even answer a PING. The best incoming security is to have no incoming.

3) In one installation, at the owner's insistence, we have separate off-LAN stations for internet and email and the LAN is hermetically sealed with its line of business applications. His present limited use of the Internet lets him get away with it and he never worries about a virus or any hacking on his LAN.

4) At all our installations, the non-redundant server files are totally isolated from the software files. At one installation, weekly offsite backups are done by the CEO by burning a CDROM of just the data, and then taking it home. Full backups are made nightly, Server to station, using NTBACKUP and the scheduler, with different stations receiving the .BKF depending on the day of the week. Very simple operation and NO TAPE. Also, in this case, the CEO has the only station with a CD burner and his office is locked when he is not there. This is to help prevent unauthorized copies of the companies files.

Wed, Dec 11, 2002 Anonymous Anonymous

Frankly, given this dangerously close-to-reality scenario.
Ann could save a huge amount of money by forgetting .Net and migrate her customer's servers over to Linux.
The money saved just in licensing costs could be applied to better hardware, and software to run the Windows apps.
Linux would require less physical resources than .NET, and wouldn't risk being obsoleted and orphaned three years in the future.
The customer's savings could be further enhanced by migrating over to open-source office suites such as OpenOffice or StarOffice, thereby saving even more in purchasing and licensing costs. This could even be the start of an upward spiral in savings, rather than downward spiral in spending.
Ann could even add Linux to her certification portfolio and augment her business.
Microsoft bashing? Not at all.
Microsoft is worth billions.
Anyone else has to scrape every penny off the floor to stay in business.
And frankly, the savings that Linux and open-source software provide are too compelling to ignore.

Wed, Dec 11, 2002 bigbillyt florida

I am perplexed. The beginning of this article outlined a very realistic real-world scenario. However, "Ann's" solution set seems to me to be shaky at best. For one thing I am not sure putting a client like that on a platform that has not even seen it's first service pack is very wise. I have to think that she had to bill them for a fortune in labor and faces a pretty huge administrative burden going forward. I don't see how she got a penny pincher to agree to these kinds of expenses to upgrade, particularly all at once.

Wed, Dec 11, 2002 Steve Charlotte

If I ran that network, I'd be embarrassed to write about it! What a collection of junk! The weakest part of the article, though, is found in the last paragraph..."assuming that nothing goes wrong". haha
Rule number 1 in the IT world is "Nothing ever goes as planned!"

Wed, Dec 11, 2002 Anonymous Anonymous

Common guys... this is a SOHO scenerario! In medium to large environments is not like this. By the way, for this scenerario (since the customer is too concerned about his budget), I would implemented a solution using Linux.

Wed, Dec 11, 2002 Robert Harris, MCSE New Jersey

WOW.....is there another parallel universe out there? This is almost a duplicate of a "real world" scenario I have had to consult for....quite a few hardware/software untruth's, but the essence of the article was very "to the point".....Hello Microsoft, THE REAL WORLD isn't text book, nor does everyone have the funding to upgrade everything all at once!

Wed, Dec 11, 2002 Debbie UK

Are you saying that exchange 5.5 will run on .NET, but, exchange 2000 doesn't? Or am I the only one who noticed that the .NET servers suddenly became W2K servers half way through the upgrade? Im amazed its only one day to build migrate & test these servers though!

Wed, Dec 11, 2002 Lee Evans Chicago

Great Article, I am definately going to forward this to my team members. We call this "ghetto-networking" in our office. Essentially, I'm MCSE with 16+ years experience and when new members join our team a few years ago they where in for a culture shock having studied Implementing Microsoft Technology they quickly learned that much of what is recommended in books is not practical in many environments due to the political and budgetary constraints.

Tue, Dec 10, 2002 Dave Ohio

Sometimes people just don't get it....

...didn't make a PII 90mhz.....
...you shouldn't use desktops for servers..
Blah, blah...

Don't get it, eh? This scenario is more realistic then the test scenarios. And has less errors too.

Thats the point.

By the way, people do use desktop boxes as servers. They don't do backups on exchange and run circular logging.. etc..etd.. Blah, Blah... I never said it was wise. But that is now many things are done.

Tue, Dec 10, 2002 Michael St. Louis

Interesting article, but I don't believe there ever were PII 90's or PIII 400's. Believe it should be PI 90 & PII 400.

Tue, Dec 10, 2002 Robin San Francisco

There never was a 90mhz PII. PII's came in speeds from 266 or so to 400 mHz. But - I've seen dual processor P90 systems with space for 256meg of RAM though (HP Vectra XU series).
I'd seriously consider migrating the dual processor PIII to a Linux OS with LTSP terminal services, and the other servers to Linux as well.
They might also consider leasing a $99/month Linux server in a colo to handle mail, web site and offsite backups. The SDSL service is probably due to be reevaluated, as costs have come down and a competitor might have a faster service for the same price.

Tue, Dec 3, 2002 christie monroe

This is a great article. It seems rather comical when reading this real-world scenario. After experiencing a situation such as described above, you look back and wonder where you happen to find the brain power and energy to pull off that project the rest of the world expects before the next business day. I have to agree with Brian, however, on the issue concerning desktops and towers as servers. That is a time bomb waiting to explode. One also has to wonder why Microsoft would make a platform that is not compatible with its own software.

Fri, Nov 22, 2002 stan Denver

This is an excellent article. I couldn't help wondering, however what the comparison might be if Linux was chosen instead of .net for the NT4 upgrade. Seems like it might be substantially cheaper. I think you could make everything work, even Exchange could be replaced by SUSE enterprise for a 1000 bucks.

Wed, Nov 20, 2002 Unsure Cheapville

The PDC for the domain is a 90MHz PII desktop with...I didnt know intel ever made a PII 90mhz???
Not a bad article but some errors, and the Tech doing the work still spent money that alot of business owners would not approve.

Tue, Nov 19, 2002 steve lame deer, mt

i enjoyed this article, being a MCSE and a MCSA in 2000, i have found querks in .NET server that ive been have dificulty with. this article put some of that in perspective. thanks for for the input!! but i do have a question, does anyone recommend a DECENT training manual as to the implementation of .NET server? if you do, please email me at stevedtat@hotmail.com. Thanks

Tue, Nov 19, 2002 Brian in CA Anonymous

Good approach with this scenario. Couple of issues, one is that .NET has a 120-day grace period on TS CAL's (as of a couple of builds ago), another is that there's no point in moving DHCP databases with so few clients as they will re-request their old IP's by default (even from a new DHCP server). This just emphasizes what a bad idea it is to set the lease duration to indefinite (I still run across that). 3 days max as far as I'm concerned. On a different note, I have grave reservations about having workstations do server duty, especially as regards fault tolerance. Even cheapskate clients will understand how much a half-day downtime will cost them. Perfectly good fault-tolerant server cases are $215 (InWin Q2000). Even moving the guts of an off-the-shelf box into a decent case will save a lot of grief down the road. I've rebuilt half-dozen servers in the last 8 months alone with either preventative intent or as part of a "forced repair." I consider it virtually criminal that Dell sells cut-rate servers with no redunancy, but whatever the market will hold. Something for you new guys to consider, since I see so much junk out there the old guys have some pretty bad habits.

Tue, Nov 19, 2002 Anonymous Anonymous

Fantastic article.

Sun, Nov 17, 2002 Anonymous Washington, DC

VERY well written, but I have one question. I can understand why a static database such as DNS woyld be moved, but why move a dynamic DHCP database. Why not simply shut down the old server and fire up the new one?

Thu, Nov 14, 2002 sherri houston

Really excellent overall coverage of Win2k AND .NET I am printing this for future reference, and for reviewing when I'm ready to take my 70-218.

I also say, more real-world scenarios from real techs, please. Those are the most helpful.

Thu, Nov 14, 2002 roberta FL

More real world scenarios, from real techs in the field..

Wed, Nov 13, 2002 Ron Gibson Dexter, Iowa

I really enjoyed the article. Having just earned my MCP (as of 8 Nov 02) and with the only real world experience that I have being that of PC repair jobs, and upgrades for friends family & neighbors, I appreciate an insight into what an actual IT person goes through. I knew that the Microsoft test was pretty much an unrealistic situation. Thanks

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.