Planning for Test and Recovery


Before you begin your migration process, it is important to have a test plan and a recovery plan in place.

Develop a Test Plan

Develop a plan for testing your in-place domain upgrade procedures throughout the in-place domain upgrade process to ensure that they have completed successfully and to determine whether the process of upgrading Windows NT 4.0 domains to Windows Server 2003 Active Directory was successful.

Table 1.6 lists the Active Directory configurations that you must test and the tools that you can use to test each configuration. For more information about the options that are available for these tools, see Active Directory support tools in Help and Support Center for Windows Server 2003. For more information about specific configuration and functionality tests that you can perform before and after the Active Directory installation, see the Active Directory link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources. Search under Administration and Configuration Guides and download the Active Directory Operations Guide .

Table 1.6: Active Directory Configuration Test Components

Configuration

Tool

Purpose

Active Directory service

Dcdiag.exe

Tests for successful Active Directory connectivity and functionality. Confirms that the domain controller has passed the diagnostic tests (such as connectivity and replicated objects). Each test must return a passed result.

 

Netdiag.exe

Diagnoses networking and connectivity problems by performing a series of tests to determine the state of your network client and whether it is functional.

Active Directory replication

Repadmin.exe /replsum

Returns all replication events taking place between the forest root domain and other Active Directory domain controllers. This must return a successful replication event with all inbound and outbound replication partners .

BDC replication status

Nltest.exe /bdc_query: domainname

Shows connection status for all the BDCs. This must show status = success for each domain controller within the domain.

After you confirm that the Active Directory configuration is correct, you need to verify that Active Directory is functioning correctly. Table 1.7 lists the Active Directory functions that you need to test and the methods that you can use to perform the tests.

Table 1.7: Active Directory Functionality Test Components

Function

Test

Method

New user creation

Create a new user on the Windows Server 2003 “based domain controller.

Log on with administrator credentials and use Active Directory Users and Computers to verify that the new user was created successfully.

New user object replication

After replication to BDCs takes place, determine whether new user is replicated to BDCs.

  1. Type Net User at a command prompt on a Windows NT 4.0 “ based domain controller, and then verify that the new user account exists.

  2. Modify a property of an existing user and verify that the modified property replicates with the user.

Successful logon request

Verify that users can log on successfully.

  1. Disconnect the Windows Server 2003 “based domain controller to confirm that the Windows NT 4.0 “based domain controller is validating the user logon request.

  2. Verify that you can log on successfully by using the new user account credentials from each client computer.

  3. Verify that all client operating systems in the upgraded domain and the domains that it trusts can log on successfully.

  4. Repeat step number two over trust relationships where the trusting domain controller has a secure channel with the Windows NT 4.0 “based and Windows Server 2003 “based domain controllers in the trusted domain.

Successful resource access

Verify that the user can access important resources.

  1. Access e-mail resources.

  2. Access roaming profiles.

  3. Access printers.

  4. Resource permissions belonging to the user and a group .

Develop a Recovery Plan

Create a recovery plan for use if the domain upgrade process does not go as planned. Select a Windows NT 4.0 BDC to be used as a rollback server. Synchronize the BDC with the PDC and take the rollback server offline in the event that it must be promoted to a PDC to restore the domain to its original state. Although you are unlikely to need the offline domain controller, it is recommended that you take one offline as a precautionary step if the Security Accounts Manager (SAM) account database on all domain controllers becomes corrupt.

Include the following in your recovery plan:

  • The steps needed for recovery.

  • The estimated time that can elapse before recovery must take place. When elements of the upgrade process test unsuccessfully, you might spend unanticipated amounts of time identifying and correcting errors. Establish clear guidelines for the time period after which the deployment team must restore operations for end users.

Restoring the Domain to its Original State

If your upgrade process fails, you can roll back a Windows Server 2003 Active Directory domain to its original state as a Windows NT 4.0 domain. You can roll back the deployment to its original state in one of two ways:

Note  

The first recovery method is preferred for restoring a domain to its original state. Use the second recovery method if the SAM database on all domain controllers becomes corrupt.

  1. Remove (either by disconnecting the network cable or turning off) any Windows Server 2003 “based domain controllers from the domain.

  2. Promote a Windows NT 4.0 BDC to become the PDC.

  3. Synchronize all Windows NT 4.0 “based domain controllers.

  4. Test Windows NT 4.0 server operations and domain validation.

  5. Resolve the issues that caused the domain upgrade to fail, and begin the upgrade process again.

“ or “

  1. If a failure occurs after performing the steps above, remove all Windows Server 2003 “based domain controllers from the network and promote the Windows NT 4.0 BDC that is designated as the rollback server to become the PDC.

  2. Perform a full synchronization of all Windows NT 4.0 BDCs.

  3. Test Windows NT 4.0 server operations and domain validation.

  4. Resolve the issues that caused the domain upgrade to fail, and begin the upgrade process again.

    Important  

    You must take all Windows Server 2003 “based domain controllers offline before you promote the rollback server to become the new PDC. If any Windows Server 2003 “based domain controllers remain online in the domain, the promotion of the BDC to a PDC will not work.




The Microsoft Windows Server Team Migrating from Microsoft Windows NT Server 4.0 to Windows Server 2003
Migrating from Microsoft Windows NT Server 4.0 to Windows Server 2003
ISBN: 0735619409
EAN: 2147483647
Year: 2004
Pages: 96

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net