This lesson introduces several ways that you can perform a migration. This subject is covered in greater depth in Chapters 6–9 on upgrading and restructuring domains.
After this lesson, you will be able to
Estimated lesson time: 30 minutes
Prior to the migration process, you will have a Windows NT–based infrastructure that's organized into some domain structure. This structure serves as the security and management environment for users and resources. These domains usually perform the following tasks:
During the migration, you might be running both Windows 2000 and Windows NT servers in what is known as mixed mode. When you remove the last Windows NT domain controller from the network, you can convert the entire network to native mode. Moving to native mode is a one-way transition; you cannot return to mixed mode or Windows NT mode without rebuilding the entire system.
Several methodologies are available for a Windows 2000 migration. These are broadly based on two concepts: an in-place upgrade (henceforth known as an upgrade) or a restructure. An upgrade from a Windows NT environment to a Windows 2000–based infrastructure reflects exactly the current domain arrangement. A restructure consolidates the existing Windows NT resource and user domains to a more efficient arrangement of Active Directory domains and OUs. When combined, these two methodologies can create any of the following migration scenarios:
Depending on which book or resource you read or which guru you consult, you will find different perspectives on each methodology. Each methodology has a benefit and a risk or tradeoff. For example, a restructure to a pristine environment has less of an impact on the existing production environment and from this perspective will minimize the number of potential disasters. The tradeoff is that a restructure normally requires substantially more resources and design time depending on its size. An upgrade can potentially have less of an impact on the production environment because it can be performed immediately. The risk is that if the existing drivers don't function properly, you might find yourself in disaster recovery mode.
TIP
When considering which methodology to use, don't get caught up in which one is the best. Instead, consider factors such as the size of your network, the impact on users and the business if a system is down for a day or several days, the number of objects in your domain to migrate, and so on. What's best for one organization might be totally inappropriate for another similar corporation.
An upgrade—an in-place replacement of existing Windows NT servers with Windows 2000 servers—is shown in Figure 1.1.
Figure 1.1 An in-place upgrade
An upgrade doesn't entail changes to user or resource management. The in-place upgrade method is generally recommended for environments that meet the following criteria:
The main disadvantages of an in-place upgrade path include the following:
A Restructure
A restructure is the process whereby the user and resource domains present in a Windows NT deployment are mapped into an arrangement that uses the additional facilities provided by Active Directory, as shown in Figure 1.2.
Restructuring involves the movement of security principals between domains. You design a new Active Directory forest and then populate it with users, groups, and resources from the existing Windows NT environment. The result is a simpler structure in which management can be decentralized. For example, you can convert a Windows NT multiple-domain model into a single Active Directory domain with a consequent reduction in the number of trust relationships.
Figure 1.2 A restructure
Reasons to restructure include the following:
Reasons not to restructure include the following:
NOTE
Many of the principal benefits of the move to Windows 2000 appear only when running in native mode. Therefore, consider a restructure in terms of when to do it rather than whether to do it.
An upgrade and restructure migration (see Figure 1.3) breaks the migration down into these two distinct phases, the first phase being the upgrade. Once the first phase has been proved to be successful the second phase involving the restructure can begin.
Figure 1.3 An upgrade followed by a restructure
Reasons to perform an upgrade and restructure include the following:
Reasons not to upgrade and restructure include the following:
This type of migration is essentially an upgrade following a consolidation of domains. If you have several resource domains in your company consisting of only a few clients and objects, your upgrade will be far easier to manage if you first consolidate those resources into a smaller number of domains rather than upgrade every one. (See Figure 1.4.)
Figure 1.4 A restructure followed by an upgrade
A partial upgrade/partial restructure involves the creation of two distinct and separate environments, one in mixed mode and the other in native mode. With careful planning, the two can function on the same network infrastructure, and you can move users and resources from one to the other in a phased way until the legacy systems are either withdrawn or upgraded themselves.
Reasons for a partial upgrade and restructure include the following:
Reasons not to perform a partial upgrade/partial restore include the following:
In this practice, you'll analyze a set of migration scenarios and consider the best policy for the corporate installations described. For each one, you must determine the key considerations driving the migration, the optimal system arrangement under Windows 2000, and the deliverables to specify.
An advertising agency has offices in London, Paris, and New York. The Windows NT infrastructure includes a resource domain located at each of the offices and two account domains, one in London and one in New York. The migration has a limited budget and limited support staff. The migration is driven by a need for Microsoft Exchange Server 2000, a groupware messaging system that relies on the Windows 2000 Active Directory. The ad agency is currently in the middle of several large contracts that must not be disrupted.
Consider each of the following five migration methodologies and identify the advantages and disadvantages of each one for the company. Check your answers with those provided in Appendix A, "Questions and Answers."
A pure upgrade
An upgrade followed by a restructure
A restructure (or consolidation of Windows NT domains) and then an upgrade
A partial upgrade/partial restructure
A total restructure into a pristine Windows 2000 infrastructure
A manufacturing company, formed by the merger of an American and European company, has offices in Rome, Chicago, and Denver and manufacturing facilities in Hong Kong, Japan, and Texas. The company currently uses the multiple-master domain model that resulted from the creation of a two-way trust between the account domains from the original two companies and a large number of resource domains that have one-way trusts with their original account domains.
The company is concerned about the limitations of its structure hampering future development and the current difficulty of managing the system. The company is suffering from poor use of WAN bandwidth between sites, and it is currently setting up new corporate headquarters in Seattle.
Consider each of the following five migration methodologies and identify advantages and disadvantages of each for this company. Then check your answers in Appendix A.
A pure upgrade
An upgrade followed by a restructure
A restructure (or consolidation of Windows NT domains) and then an upgrade
A partial upgrade/partial restructure
A total restructure into a pristine Windows 2000 infrastructure
In this lesson, you learned the advantages and disadvantages of five different migration scenarios: an upgrade, a restructure, a consolidation and then an upgrade, an upgrade and then a restructure, and finally, a partial upgrade/partial restructure. These scenarios provide different advantages for the migration process as well as different tradeoffs.
In general, an upgrade is best where the underlying organization is sound and no requirement exists to make radical changes to it. Restructuring is preferable to rectify poor design and to maximize the benefits of installing Windows 2000. The ultimate aim should be a restructuring only when circumstances permit.