Once the primary domain controller in the Windows NT domain has been upgraded, you'll need to migrate any other application, DNS, DHCP, WINS, and RRAS servers as well as the BDCs. In this lesson, you'll review the upgrade process for these other servers and then perform some pre-upgrade tasks to ready the MIGKIT2 BDC for upgrade to Windows 2000.
After this lesson, you will be able to
Estimated lesson time: 40 minutes
You should have worked through Chapter 4, "Assessing Your Network Infrastructure," and completed all your testing to prepare your application servers for upgrading. You should especially ensure that checking is carried out on all mission-critical applications such as LOB, e-mail, and financial programs. Once you've ascertained that they can be upgraded and you've determined the potential risks, the next step is to plan for when and how to upgrade the application servers.
If it's impossible to plan the application servers upgrade for a weekend, public holiday, or evening, and the application is required to run 24x7, you'll need to plan for a backup server to make the data available while the original is being upgraded. In this case, you'll need to do some or all of the following:
To review from Chapter 4, wherever possible, try to upgrade all DNS servers to Windows 2000—remember that servers upgraded to Windows 2000 DNS servers have the ability to integrate directly with Active Directory and to support secure updates and DHCP registration of the A and PTR records. If you won't be performing this upgrade, your existing DNS servers will need to support the SRV resource records (as defined by BIND 8.2.1 or later). However, although you can get Windows 2000 to work with other DNS services, in practice you are better off using the Windows 2000 DNS.
DHCP and WINS servers upgrade without any problems, but you'll need to provide alternative services for IP management if the upgrade is taking place during working hours.
After DNS servers are migrated, you should migrate the RRAS servers next or at least wherever possible, and consolidate them to a Windows NT BDC. Consolidation will help because the Windows NT RRAS service requires support for an anonymous connection prior to formal validation. Although the anonymous connection is supported in Windows NT, it isn't supported in Windows 2000 without relaxing important security levels. If required, you can enable access to the Everyone group during the migration, at the cost of degrading security.
As discussed in Chapter 6, "Performing an Upgrade," it might be prudent to migrate all the export services to a Windows NT BDC and then migrate this BDC last.
Before beginning the upgrade of a BDC, you should at least perform the following:
CAUTION
During the upgrade, Windows 2000 will attempt to detect the devices on the BDC. If devices in the BDC aren't detected or are detected incorrectly, the upgraded Windows 2000 system won't function correctly and you'll need to install the missing drivers after the upgrade. Therefore, you should attempt to perform a pilot upgrade on an identical platform before upgrading the production system.
Now you'll upgrade MIGKIT2, the Windows NT BDC, to Windows 2000 and complete moving the network from Windows NT to Windows 2000 Active Directory.
The system will copy files to the hard disk and then reboot twice during the installation, as in the PDC upgrade you performed in the previous chapter.
After the basic installation has completed, the Active Directory Installation Wizard page appears.
IMPORTANT
Before you run the installation wizard, make certain that the network connection is functioning correctly. Use the Device Manager to check that the network card is working and update the drivers if necessary.
In the first step of the Active Directory installation, you select the role of the server. It can be a domain controller and take part in the Active Directory, or it can be a member server and hold only resources. Unlike Windows NT, it's possible to demote a domain controller to a member server without reinstalling the operating system. It's also possible to promote a member server to a domain controller. In Figure 7.12, you're able to make this selection.
Figure 7.12 Setting the server to be a domain controller
At the Network Credentials screen shown in Figure 7.13, you will be asked for the administrator credentials. You must now be authenticated in the domain that the server is joining. It isn't required that the Administrator user name be used, but the user name entered must be a member of the Administrators group.
Figure 7.13 Network Credentials page
You will then be prompted to specify the Sysvol location as shown in Figure 6.15 of Chapter 6.
You are prompted for the Directory Services Restore mode password, as shown in Figure 6.19.
NOTE
Since DNS is running and the Active Directory security has already been set, you are not asked questions concerning their configuration.
You are now shown a summary page similar to the one shown in Figure 7.14. Your page could appear somewhat different depending on the locations you've chosen for the Active Directory components.
Figure 7.14 Upgrade Summary page
During the upgrade, the progress page will keep you informed of the action currently being performed. At the end of the upgrade, the Active Directory Installation Wizard will display the completion page you saw in Figure 6.22 in Chapter 6.
After the system restarts, your system will be running Windows 2000 as a domain controller in the migkit.microsoft.com domain. Remember that MIGKIT2 now operates on the same level as any other domain controller in Active Directory and can no longer be classified as a BDC.
In this lesson, you learned how to upgrade a Windows NT backup domain controller to a Windows 2000 domain controller. You saw that the TCP/IP settings of the systems must be established before the upgrade, and that the network must be properly configured and the Windows 2000 domain controller must be visible on the network. You then performed an upgrade of the Windows NT BDC and converted it to a Windows 2000 domain controller.