Windows 2003 Migration, in a Nutshell

Reader wants the simplest path to upgrade to Windows Server 2003 and Exchange 2003.

Question: We're thinking of moving into a Windows Server 2003 environment. Currently, we're running Windows 2000 along with Exchange 2000.

I have two scenarios for doing the upgrade, and I'm trying to decide which one would be the most beneficial for the company. We're going to work out any bugs in the lab by installing a new Windows Server 2003 domain and new Exchange 2003 servers.

Once we're done testing, my boss wants me to join this lab domain to the production domain and then upgrade the production domain. I'd like to work out the bugs in the lab, as well, but then I'd like to upgrade the production domain rather than merge it with the lab domain. Am I being too careful?

Also, we're thinking of deploying Outlook 2003 at the same time as the Exchange 2003 upgrade. Should we wait until we've finished the deployment or do both jobs at the same time?
— Wilson

Get Help from Bill

Got a Windows or Exchange question or need troubleshooting help? Or maybe you want a better explanation than provided in the manuals? Describe your dilemma in an e-mail to Bill at mailto:boswell@101com.com; the best questions get answered in this column.

When you send your questions, please include your full first and last name, location, certifications (if any) with your message. (If you prefer to remain anonymous, specify this in your message but submit the requested information for verification purposes.)

Answer: The sequence of events outlined by your boss has one fatal flaw: You can't "join" one Active Directory domain to another regardless of the Windows Server version you're running. There is no merge and purge capability in Active Directory.

To introduce the lab domain into production, you would have to migrate all user, group and computer accounts to the lab domain and re-permission all servers and do other work involving desktop profiles and so forth. That's too much work for a simple e-mail migration.

Here's a sequence of operations that would get you to your goal of upgrading the production domain:

  1. Make sure that all your applications (including but not limited to antivirus, antispam, backup agents, monitoring agents) and storage interfaces (SCSI, SAN, NAS, iSCSI) work with Windows Server 2003 and Exchange Server 2003. Windows 2003 includes quite a few security upgrades, so make sure you test any applications that rely on Windows authentication.
  2. Apply the Inetorgperson hotfix as described in Knowledge Base article 314649, "Windows Server 2003 adprep /forestprep Command Causes Mangled Attributes in Windows 2000 Forests That Contain Exchange 2000 Servers" http://support.microsoft.com/default.aspx?scid=kb;en-us;314649.
  3. Run Windows 2003 forestprep and domainprep.
  4. Introduce a new Windows 2003 domain controller in production.
  5. Migrate the remaining domain controllers to Windows 2003. Don't upgrade existing DCs. Demote, reformat and reinstall.
  6. Run Exchange 2003 forestprep and domainprep.
  7. Install the new Exchange 2003 servers. Once again, don't upgrade the existing Exchange 2000 servers. You get the best mix of performance and security by installing newly configured servers.
  8. Move mailboxes, connectors and public folders to the Exchange 2003 servers. The improved, multithreaded "Move Mailbox" feature in Exchange 2003 will help speed the transition, and there's a public folder migration utility in the suite of tools associated with Exchange 2003 SP1 that helps to migrate public folders.
  9. Decommission the Exchange 2000 servers. This is relatively straightforward. Once you're sure that you've moved all the public folders and mailboxes, take it off the wire for a few days to make sure you got everything, then put it back on the wire and remove Exchange using Add/Remove Programs. This removes the server from the Organization.

As for the Outlook 2003 deployment, you can do the work any time that's convenient for users. Outlook will determine the new location of the user's mailbox following a move, so there's no reason why you can't start the Outlook 2003 upgrade today. You won't get all the cool benefits (MAPI compression, drizzle downloads) until you upgrade to Exchange 2003, but you won't hurt your current Exchange servers by using Outlook 2003.

About the Author

Contributing Editor Bill Boswell, MCSE, is the principal of Bill Boswell Consulting, Inc. He's the author of Inside Windows Server 2003 and Learning Exchange Server 2003 both from Addison Wesley. Bill is also Redmond magazine's "Windows Insider" columnist and a speaker at MCP Magazine's TechMentor Conferences.

comments powered by Disqus

Reader Comments:

Thu, Sep 16, 2004 Stein Norway

As a summary this might be useful, but to do the actual migration you need a lot more knowledge than this provide. I agree with Dean from Richmond that testing is an absolute necessityto a successful migration, but some, usually smaller companies does not have the luxury of either a test lab, nor the resources to perform extended testing. However, most of the migrations I have done both from Nt 4.0 and W2K has gone well, but there is always the KB and Technet searches to get everything perfect, and it never stops to amuse me the new kind of errors you can dump into when migrating.
A more extended article on how to perform a migration would be preferable.
To Daniel R.: A NT 4.0, Exchange 5.5 migration is also pretty straight forward, but I will give you one vital tip: NEVER leave an upgraded NT 4.0 PDC in the production environment. Introduce an temporary machine in the NT 4.0 environment, promote it to PDC, updgrade, dcpromo, introduce new 2003 DC`s, and dcpromo that temporary machine out the window.
I would also like to say that even though you use the Exchange 2003 Deployment Tools when performing an upgrade from 5.5 to 2003 to perfection with no erros whatsoever, issues CAN and WILL happen after you have moved to entire organization. Tips here are pay close attention to your DNS, and especially DNS on your clients. If that Outlook does not manage to find the clients mailbox on the new server automatically, you are in trouble, most of the times you can end up with an empty mailbox on the 5.5 server that are recieving mail, and a mailbox on the 2003 server that contains all the old mail but are not recieving anything ! So once again; test, test, test, test

Wed, Aug 25, 2004 Jorg Atlanta

Very nice and short outline of what has to happen and as always well written by Bill. If nothing goes wrong (hope you are praying) then you could skip test and backup plans, but I think you should put some good internediary backup plans and/or workarounds in place.

Wed, Aug 25, 2004 Dean Richmond

Oops I forgot to add. In your test lab you may notice some distinct differences between a fresh install of Windows 2003 and an upgrade to Windows 2003. The final product is not the same. What you say? One example is that the password security policy on a new install requires secured passwords. The upgrade keeps your previous settings. So much for upgrading to a more secure enviroment. Microsoft support claimed this was for product compatability. O.K., but where is the article to finish the install so that your obtain the same benefits as a new installed? After an exhaustive search months ago, I found nada, zip, VARS, Resellers, MS Sales Reps, and MS Support all had nothing. We have found several items and had to uncover and implement them manually. Hopefully MS will have something on this in the future.

For the gentlemen with problems with Exchange 5.5 breaking.. Exchange 5.5 is stable. If you are having problems you will want to fix them before you upgrade. The upgrade will not do this for you! In fact, upgrading a problem system is often a receipe for disaster.

Wed, Aug 25, 2004 Anonymous Anonymous

Good summary

Wed, Aug 25, 2004 Daniel R. Grass Valley

Very helpful article if you have already migrated to 2000. What about the big NT 4.0 to Win2003 jump that so many of us IT guys are ringing there hands about? I have 15 programs at least that have been running on NT 4.0 for the last 8 years and ever time I breath on Exchange 5.5 it breaks. With OWS breaking with Outlook 2003 I need to move on this now with the least possable headachs. How about some pointers to the NT4.0 to 2003 in a nut shell?

Thanks for the article, I'll add it to the arsenal.

Daniel R.

Wed, Aug 25, 2004 Dean Richmond

Sorry for all of the typos - Microsoft recommended using the Exchange 2003 tools to perform the forest prep and domain prep. (Not clear from what I wrote above)

Wed, Aug 25, 2004 Dean Richmond

WHAT HAPPENED TO TEST?

The question as I read it was that this company wanted to setup a test lab, not to begin installing a solution in production.

In our test lab we built up a servers, wan links, and clients to emulate production. There is several tools to migrate your domains, policies, users, shares, etc. between domains. We also configured printers applications, SQL Servers and Terminal Servers. Once everything was in place we test the upgrade using several approaches. In addition, we tested the upgrade simulating real life scenarios such as WAN links that fail in the midst of an upgrade.

A few of the items we uncovered that had ramifications for us, was the tools for confirming replication over the links both before the process, and betwen each step of the process to confirm completion. The IIS lock down tool settings can disable applications on your servers and needs to be run on servers with IIS, i.e. Exchange Servers. Lastly you can use the tools to migrate the directory that came with Windows 2003 or with Exchange 2003. When contacting Microsoft during some issues we encountered they recommended using these tools.

From experience I always recommend performing offline integrity checks of your exchange databases and offline defragmentation before any upgrade.

Absolutely - Test, Test, Test.

Tue, Aug 24, 2004 Michael Canada

Good outline.

Tue, Aug 24, 2004 Michael San Diego

Very help and well explained. We are going through the domain upgrade and that portion was helpful. Not at Exchange just yet.

MP

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.