Measures to be taken to keep many of the network services up and running during the migration have already been discussed in previous chapters, so in this lesson, you'll look at steps to take to ensure that the production environment isn't compromised by the migration. You'll be reminded of the various network operations that will be affected by the migration process.
After this lesson, you will be able to
Estimated lesson time: 40 minutes
Earlier chapters have dealt with the need for proper risk assessment of the migration project. During the assessment, migration failure points should be identified for specific attention. A failure point is an action which, if it fails, will affect the functionality of the production environment. For each failure point, a contingency plan must identify fallback positions and how to return to the migration path after the failure has been resolved.
A number of network services can be affected by the migration process. For example, you've already seen how the migration would affect RRAS services (Chapter 4, "Assessing Your Network Infrastructure"), file and folder replication (Chapter 6, Lesson 3, "Maintaining File Replication During the Migration"), and the logon process (Chapter 11, "Troubleshooting Windows 2000 During and After Migration"). However, other network services will also require attention during a migration.
You need to take measures to protect the PDC and the BDC before upgrading them. These measures are different and are detailed next.
Before starting the upgrade of a PDC, you should at least do the following:
During the upgrade, Windows 2000 will attempt to detect the devices in the PDC. If devices in the PDC aren't found or are detected incorrectly, the upgraded Windows 2000 system won't function correctly and you'll need to manually install the missing drivers after the upgrade. Therefore, you should perform a test upgrade on an identical platform before upgrading the production system.
The consequences if the upgrade of a BDC fails aren't as great as the consequences if a PDC fails; however, a number of issues need to be considered:
When migrating corporate, line-of-business applications, Web servers, e-mail systems, and essential database systems, you'll need to take those servers offline. In Lesson 1, clustering was mentioned as a technique for keeping application services available. You might also want to consider using duplicate servers, although if the information is dynamic, you'll then have to migrate the additional information to the migrated servers. For example, in an e-mail system, users will be constantly sending and receiving e-mail; therefore, new messaging information will accumulate on the temporary e-mail server after the upgrade of the original e-mail server has completed. You'll need a plan to migrate this interim e-mail to the upgraded e-mail server. You can take various steps to then migrate the users over, but all of these steps include substantial planning and reconfiguration.
For example, in Microsoft Exchange Server 5.5, you can enable all new e-mail to go to a .pst file on the client's local hard disk or home folder. However, you will then need to consider how to deploy the changes to the user's configuration and then how to move all the extra messaging stored on the local hard disk to the migrated server. You can see that, wherever possible, best practice is to have a temporary moratorium on all application services such as e-mail while the upgrade is proceeding (perhaps over a public holiday or in the early hours when users aren't active).
The issues surrounding the DNS and the Windows 2000 migration have already been discussed at length in earlier chapters. Essentially, you must ensure the following:
NOTE
BIND 8.1.2 and later versions of DNS support SRV resource records and dynamic updates. If a server running at this level is present on-site, it can be retained.
WINS provides a name resolution service to clients that need to connect to other services on the network. During migration of the WINS server, WINS will be unavailable. To ensure that name resolution services are still available during the migration process, you can do the following:
ValueName: HKeyLocalMachine\System\CurrentControlSet\Services\NetBT\Adapters\Your network card adapter name\NameServerBackup Data Type: REG_SZ Value: <input the IP Address of the secondary WINS server>
Be sure to have a secondary WINS server in case the main WINS server goes down. However, during the upgrade, the secondary WINS server will experience an extra amount of traffic. You might want to reduce the extra traffic by adding an LMHOSTS file containing the most accessed servers and printers in the network.
DHCP servers allocate IP addresses to requesting client workstations. During the migration of a system acting as a DHCP server, the server won't provide IP addresses for any clients. You'll either have to provide a replacement server (which will have to supply addresses from a different scope of IP addresses) or perform the migration at a time when there's no demand for DHCP services.
If the present DHCP server is running on a Windows NT system, it will be upgraded to the Windows 2000 version of the DHCP service, as seen in Lesson 2 of Chapter 6 (Practice 2). The DHCP options and current leases will be migrated onto the new system.
To perform the upgrade, the DHCP server must be authorized within Active Directory to assign IP addresses to clients. Authorization is performed from within the DHCP administrative tool.
As you've seen, during migration of the DHCP server, clients might be unable to receive an IP address from the scope. Lack of an IP address will prevent users from accessing any network services. To ensure that clients receive their various IP configuration settings during migration, you'll need to install a secondary DHCP server with a complementary range of IP addresses that doesn't overlap the existing one. You'll probably find a secondary DHCP server already in place because it's common practice in case of a network failure.
If you don't have a secondary DHCP server, you'll need to add one with sufficient IP addresses to handle the existing clients. The range of addresses selected should have a short lease period, perhaps eight hours. The short lease period will ensure that once the upgrade of the existing DHCP server is complete, all clients on the backup DHCP server will be reregistered on the upgraded DHCP server within a day of the upgrade, provided the secondary DHCP server has been taken offline.
Once the original server has been migrated to Windows 2000, you'll need to verify that the DHCP server service has been authorized and then activated by booting up a DHCP client in the same subnet as the migrated DHCP server. If the client receives its IP address settings, you know that DHCP is working.
After the migrated DHCP server has been verified and tested, you can remove the temporary DHCP server. There is also a utility that comes with Windows 2000 called Netsh that will back up WINS and DHCP configuration information.
In this practice, you'll install and use DHCP on a system. Then you'll extract the DHCP settings and see how they can be applied to another DHCP configuration.
In this exercise, you'll install the Windows 2000 DHCP server service and set up a scope of IP addresses to give to clients. You'll need to perform this installation on TRAINKIT1.
NOTE
If the DHCP service is already installed (there is already a check mark next to DHCP), you can skip the rest of Exercise 1 and resume with Exercise 2.
Figure 12.10 Installing the Windows 2000 DHCP service
The DHCP service is now installed on the system, but it is presently not providing an IP addresses.
Now that you have DHCP on your system, it must be authorized in Active Directory and configured with a scope of addresses. The scope of the addresses must be made active.
Figure 12.11 Configuring Windows 2000 DHCP
The New Scope Wizard will start.
Figure 12.12 Scope Name dialog box
Figure 12.13 IP Address Range page
The Add Exclusions page appears.
The Lease Duration screen appears. Here you set the duration of each lease. The default is eight days. If a lease isn't renewed within this time, the lease will lapse and the IP address will return to the pool.
The Configure DHCP Options page appears.
Figure 12.14 Configure DHCP Options dialog box
NOTE
If you have any other scopes already defined, select those and delete them so that only the new scope is listed.
The scope has been added. Now it must be authorized and made active.
Figure 12.15 Authorizing the DHCP scope
Figure 12.16 Active DHCP scope
NOTE
If you still see a red arrow on your screen, press F5 to refresh the display.
One potential component that can affect business continuity in migrated systems is duplicate IP addresses. To avoid duplicate IP addresses and ensure continuity of service, always enable conflict detection on migrated systems. You'll do this now.
Figure 12.17 Conflict detection in DHCP
Figure 12.18 Monitoring DHCP address leases
You will now use MIGKIT1 as a client of the DHCP server and verify that DHCP services are operational by obtaining an IP address.
CAUTION
In general, it is not recommended that servers have addresses allocated by DHCP. They should have their addresses fixed when Windows NT or Windows 2000 is installed, and their addresses should be excluded from the DHCP addresses available.
The Network And Dial-Up Connections dialog box appears.
Figure 12.19 Obtaining an IP address automatically
MIGKIT1 is now configured to use DHCP.
ipconfig /release ipconfig /renew
This will cause MIGKIT1 to release and renew a lease, using the DHCP server installed on TRAINKIT1. It should be allocated the address 192.168.0.150 because this is the first available address in the scope you defined.
Figure 12.20 IP address now leased to MIGKIT1
You now have a DHCP lease allocated to a client. Next, you'll export all the DHCP configuration settings for TRAINKIT1 into a text file using the Windows 2000 Netsh program.
You should see file contents similar to those shown in Figure 12.21.
Figure 12.21 File showing DHCP configuration
Note that there is no trace of your previous DHCP scope settings.
You should see all the configuration settings; however, note that all client information is missing.
The Netsh command is useful for backing up configuration settings of a DHCP and WINS server.
In this lesson, you examined the procedures to ensure availability of service for network services. You examined the procedures that you should perform before upgrading a server. There must be a BDC operating in the same site as a PDC that is being upgraded. A second PDC or BDC can be configured and taken offline to hold a copy of the domain in case of an upgrade failure. There must be valid network connections to other servers if the new domain is to be a child of any existing domain or a root of a new tree in an existing forest.
You also examined techniques for keeping DNS, WINS, and DHCP available. In previous chapters, you saw how to ensure the continuity of RRAS and file and folder replication.