
Upgrading NT4.0 domain

yoines (IS-IT--Management), May 14, 2004
Hi,

We have an environment with 6 xDC and 4 member-servers (databases, Exchange 5.5 etc etc) on 5 different locations.
The domain is a NT4.0 domain, but some of the member servers are Windows 2000. They are all connected together with WAN (or LAN)-links.
Workstations are W9x, W2k Pro and XP Pro.

I want to start looking at Windows 2000 AD, but am for different reasons not able to take everything in one operation. The NT 4.0 BDC's have to live a period of time :(

I hope somebody can help with the following questions:

1) As I understand; I must start upgrading the PDC to 2K-Mixed mode. If I for some reason want to do a Roll-back, can I just remove the W2k-Domain Controller and promote one of the NT 4.0 BDC's or will that mess up something (i.e. machine accounts member-servers or 2k Workstations?)

2) Can I add Windows 2k-DC or NT 4.0 BDC unlimited as I like or are there any limitations when the domain is mixed mode?

3) What are the benefits of Windows 2000 AD (mixed mode) compared to NT 4.0 Domain, and what are the benefits when upgrading Mixed mode to Native mode?

4) When I have more than one W2K-DC, are all W2K-controllers equal in a Domain/AD (mixed mode) or is there still one PDC?

5) Are there any known issues related to Exchange 5.5 when the domain is in mixed mode?

6) Can exchange 5.5 and Exchange 2000 live together in the same site, since I am not able to upgrade all Exchange-servers /BDC's to 2K.

6) Can W2K-AD work with WINS, or does it need DNS? Are both WINS and DNS needed; also after the domain has reached Native Mode.

7) As I understand, Windows 2000 Server does not support NT 4.0 directory replicator. How to replicate the logon-directories between Windows 2000-server and NT4.0 xDC?

Best regards


Yngve
 
"1) As I understand; I must start upgrading the PDC to 2K-Mixed mode. If I for some reason want to do a Roll-back, can I just remove the W2k-Domain Controller and promote one of the NT 4.0 BDC's or will that mess up something (i.e. machine accounts member-servers or 2k Workstations?)"

What you would want to do is build a new piece of hardware (if you can afford this), install Windows NT 4.0 BDC. Then promote this server to PDC (this will demote your old PDC). Now, take the old PDC offline....and save in case you need to roll back. Now perform in-place upgrade on the new PDC to 2K.

To roll back...simply take the 2K machine offline and bring your old PDC back on the network. Nothing will get messed up because the old PDC will have all of the existing machine accounts. You will have to promote this server back to PDC once it is back online.

"2) Can I add Windows 2k-DC or NT 4.0 BDC unlimited as I like or are there any limitations when the domain is mixed mode?" -No limitation.


"3) What are the benefits of Windows 2000 AD (mixed mode) compared to NT 4.0 Domain, and what are the benefits when upgrading Mixed mode to Native mode?" Biggest benefit of Mixed mode is being able to continue the use of NT 4.0 domain controllers. Once you switch to Native mode, the BDC's will no longer communicate with the domain. Once in Native mode, you will gain:

Major advantages of native mode include support for universal groups, nested groups, and transitive trust relationships. One of the biggest drawbacks of mixed mode is that AD’s scalability is limited to 40MB because the PDC emulator replicates changes to NT domain controllers that inherit limited scalability by design. By default, Win2K domain controllers establish an automatic two-way Kerberos trust relationship with all other domain controllers in a domain. Because NT domain controllers don’t understand Kerberos transitive trusts, you have to establish explicit (manual) one-way trusts between domains to authenticate users from other domains.


"4) When I have more than one W2K-DC, is all W2K-controller equal in a Domain/AD (mixed mode) or are there still one PDC?" All DC's are equal (meaning if one DC goes down, the domain will still function.) However, only one W2K DC server acts as PDC-emulator. So, if this server goes down, you will have to forcefully move the role to another existing W2K DC. This role is a FSMO role.

"5) Is there any known issues related to Exchange 5.5 when the domain is in mixed mode?" No

"6) Can exchange 5.5 and Exchange 2000 live together in the same site, since I am not able to upgrade all Exchange-servers /BDC's to 2K." Yes

"6) Can W2K-AD work with WINS, or does it need DNS? Are both WINS and DNS needed; also after the domain has reached Native Mode." Most likely you will still need WINS...even after you move to Native mode. My suggestion would be to make sure WINS is migrated to a Windows 2000 server even after the migration. WINS isn't needed for Windows 2000 and higher clients to use AD. However, there are many third party applications that require it. DNS is REQUIRED for Active Directory. For example, clients will use DNS to authenticate and communicate with Active Directory.

"7) As I understand, Windows 2000 Server does not support NT 4.0 directory replicator. How to replicate the logon-directories between Windows 2000-server and NT4.0 xDC?" You need to use LBridge from Windows 2000 resource kit to replicate with NT.
-hope this helps...also, you might as well upgrade to Windows 2003 instead of Windows 2000.

-later


Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please check out (Sales@njcomputernetworks.com)
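
The answers above on DNS being required and on a single PDC emulator can be checked against the SRV records a domain controller registers. This is an added example, not part of the original thread: it audits an exported zone for the locator records clients rely on. The domain `example.local`, the host names and the sample records are constructed placeholders.

```python
import re
from collections import defaultdict

# Constructed sample in standard zone-file SRV syntax (not taken from the thread).
# It deliberately lacks the dc._msdcs record and has one wrong Kerberos port.
SAMPLE_RECORDS = """\
_ldap._tcp.example.local. 600 IN SRV 0 100 389 dc1.example.local.
_ldap._tcp.example.local. 600 IN SRV 0 100 389 dc2.example.local.
_ldap._tcp.pdc._msdcs.example.local. 600 IN SRV 0 100 389 dc1.example.local.
_kerberos._tcp.example.local. 600 IN SRV 0 100 88 dc1.example.local.
_kerberos._tcp.example.local. 600 IN SRV 0 100 464 dc2.example.local.
"""

SRV_LINE = re.compile(
    r"^(?P<owner>\S+)\s+(?:\d+\s+)?(?:IN\s+)?SRV\s+"
    r"\d+\s+\d+\s+(?P<port>\d+)\s+(?P<target>\S+)$",
    re.IGNORECASE,
)

# Locator records (relative to the domain name) and the port each must carry.
REQUIRED = {
    "_ldap._tcp": 389,
    "_ldap._tcp.dc._msdcs": 389,
    "_ldap._tcp.pdc._msdcs": 389,
    "_kerberos._tcp": 88,
}

def parse_srv(zone_text):
    """Map lower-cased owner name -> list of (port, target) for every SRV line."""
    records = defaultdict(list)
    for line in zone_text.splitlines():
        m = SRV_LINE.match(line.split(";")[0].strip())  # drop zone-file comments
        if m:
            owner = m["owner"].rstrip(".").lower()
            records[owner].append((int(m["port"]), m["target"].rstrip(".").lower()))
    return records

def audit(zone_text, domain):
    """Return a list of findings; an empty list means the records look complete."""
    records, findings = parse_srv(zone_text), []
    for prefix, port in REQUIRED.items():
        owner = f"{prefix}.{domain}".lower()
        entries = records.get(owner, [])
        if not entries:
            findings.append(f"missing: {owner}")
        findings += [f"wrong port {p} (expected {port}): {owner} -> {t}"
                     for p, t in entries if p != port]
    # Only one DC holds the PDC emulator role, so only one target should appear.
    pdc = records.get(f"_ldap._tcp.pdc._msdcs.{domain}".lower(), [])
    if len({t for _, t in pdc}) > 1:
        findings.append("more than one PDC emulator registered")
    return findings
```
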
 
for question 1....possibility of running into secure channel issues...not likely and not widespread

question 3....the whole point of mixed mode is to allow time to completely upgrade an environment...you may bring in as many nt4 boxes as you wish..but we assume you're removing them gradually

question regarding wins and DNS....WINS is not needed in a 2000 or up environment
WINS is only needed if you have downlevel (NT4/9x) clients still...once those are gone, get rid of WINS...it is the very last thing any windows version after 2000 will attempt to use, it doesn't like it
 