In the previous lesson, you saw that when a Windows NT domain controller is upgraded to Windows 2000, it no longer provides the Directory Replicator Service. In this lesson, you'll learn strategies to employ to ensure that replication of files such as logon scripts is maintained during the upgrade.
After this lesson, you will be able to
Estimated lesson time: 30 minutes
File replication is often used in Windows NT domains to ensure that copies of files such as logon scripts are kept up-to-date from a single master copy. Replication is performed from an export server (usually the PDC) to the BDCs. The Directory Replicator Service (also known as the LAN Manager Replication Service or LMRepl) performs this replication, and its parameters are set using the Server Manager administrative tool in Windows NT. If necessary, prior to upgrading servers in the domain, consider moving all file replication to a Windows NT server in the domain and upgrade this server last. This server can be a member server as well as a domain controller. Moving all replication to a single export server retains the replication facility, but you must remember to reconfigure all the import clients to talk to this new export server if you have hard-coded all the settings.
When a Windows NT server is upgraded to Windows 2000, the LAN Manager Replication Service is no longer used to perform replication. Instead, the File Replication service of Windows 2000 Active Directory ensures that the Sysvol directory is automatically replicated among all Windows 2000 servers in the domain. See Figure 6.23 for a diagram of the differences between file replication in Windows NT and in Windows 2000.
Figure 6.23 Windows NT file replication compared to Windows 2000 file replication
During the upgrade, you'll have to decide how to manage the lack of a Windows NT replication service. There are two possible solutions:
If you choose to synchronize the file replication manually, you can use a Microsoft Windows 2000 Server Resource Kit script called Lbridge.cmd. Consider doing this only if you can't impose a moratorium on replication during the migration and if you frequently update the contents of the Netlogon share. If your logon scripts are rarely changed, you could simply run a modified version of the Lbridge.cmd script to manually copy the logon scripts whenever they change.
If file and folder replication is required during the migration process, you'll need to perform several actions when integrating the Windows 2000 and Windows NT systems.
When copying files to a designated Windows NT export server as illustrated in Figure 6.24, you might need to customize the Lbridge.cmd script file and schedule it to run at regular intervals according to how often changes are made.
Figure 6.24 Synchronizing replication systems by using a Windows NT export server
Note that in Figure 6.24, the replication is between two different domains. If the domains were running in mixed mode so that you had both Windows 2000 servers and Windows NT servers operating in the same domain, you would configure the Lbridge.cmd script differently. In a mixed scenario, you would also need to customize the Lbridge.cmd script to copy files from the Windows NT export servers to the Netlogon share of a Windows 2000 system. Other general tasks to perform include the following:
Figure 6.25 shows the second option of integrating the Windows 2000 FRS with the Netlogon shares of other domain controllers. In this case, you should simply ensure that the service or user performing the copy has the necessary permissions to the Netlogon folder on the Windows 2000 FRS volumes and the Windows NT systems.
Figure 6.25 Synchronizing replication systems via a Windows NT Netlogon share
The Lbridge.cmd script and its documentation file Lbridge.doc is supplied in the Tools folder you copied to MIGKIT1 from the Supplemental Course Materials CD-ROM. This script enables you to copy files from Windows 2000 to Windows NT or from Windows NT to Windows 2000, depending on which files need updating. It does this by working in conjunction with Xcopy or Robocopy commands. Robocopy is a "reliable" copy utility included with the Microsoft Windows 2000 Server Resource Kit and the Microsoft Windows NT Server Resource Kit. You can edit the Lbridge script to call either the Robocopy or the Xcopy program by reading the remarks included in the script file.
In this practice, you'll use a customized version of the Lbridge.cmd script file called Migbridge.bat to replicate scripts from the upgraded Windows 2000 domain controller MIGKIT1 to the export folder of the Windows NT BDC MIGKIT2. Finally, in this practice, you'll schedule this script to run at regular intervals.
Before starting this practice, be sure that PC1 is running and was upgraded to Windows 2000 in the first practice of this chapter. Also be sure that MIGKIT2, the BDC of the Windows NT MIGKIT domain, is running. Make sure the file Migbridge.bat is present in the C:\Tools folder of MIGKIT1.
For Migbridge.bat to run correctly, you must allow administrators in the domain to have access to the export folder on MIGKIT2.
To give the Administrators group access to the export folder
You should see that it already has an administrative share of Repl$.
The Access Through Share Permissions dialog box should now list Everyone and Administrators with Full Control permissions.
Now that you've granted the Administrators group full control of the Export folder, you'll be able to run the customized Lbridge.cmd script.
To run the custom Migbridge.bat replication script
You are now going to create a log of changes made to a folder using an amended version of the Migbridge.bat batch file called Repbridge.bat supplied in the Tools folder. Repbridge.bat doesn't include many of the messages contained in Migbridge.bat.
You should see the time the log was created and a list of files that were added.
By copying the files to an export folder on an Windows NT system, you could use the file and folder replication within Windows NT to redistribute all these files to other Windows NT servers. Take some time to view the contents of the Repbridge.bat and Migbridge.bat files and the Lbridge.cmd script on which they are based.
You could also have performed this procedure using the Netlogon folder on MIGKIT2. If you do this on a live system, bear in mind that the default share permission of Read on the Netlogon folder will need to have extra permissions added for the Administrator or another delegated person to execute the batch file. You should also take care not to overwrite any other information coming to the Netlogon folder from other export servers.
You will now practice scheduling file replication.
To schedule the Repbridge.bat file to run at regular intervals
@echo off c:\tools\repbridge >> c:\tools\lbridge.log
The Windows 2000 Scheduled Tasks program opens.
The Scheduled Task Wizard starts.
The Select Program To Schedule dialog box appears.
You will be asked how often you want the task to be run.
The Schedbridge dialog box opens, in which you can set advanced properties.
Figure 6.26 Setting the repetition interval of the scheduled event
The file should show that the Repbridge.bat script ran three times, the date and times it ran, and the source and destination folders involved in the file operations.
In this lesson, you learned about the problems of synchronizing the replication services of Windows 2000 File Replication service and Windows NT LAN Manager Replication Service. Whenever possible, you should suspend file and folder replication until after the network upgrade has been completed.
When that isn't possible, you also learned how to use the Lbridge.cmd script to synchronize updates between Windows 2000 and Windows NT servers. You also learned to do the following: