ROT: Windoze Servers...

Have a small voluntary organisation who we do odd little bits of
support for. Been let down pretty badly by their 'official' support
company, who basically have just told them they they have enough
business not to have to worry abot little charities any longer so they
can bugger off...

There are a couple of immediate issues the organisation needs to
address, and for some odd reason, I've allowed myself to be
'volunteered' into helping them...

They currently have a Windows NT4 server whith three patritions on one
drive as:

Build (C
System (D
Data (E

they have 'shared profiles' - so any of the advisors can login via any
machine and get their own desktop, notes etc. There are individual
and group folders on the data drive/partition.

They run a local DNS on the same box, that's about all.

They have been given a new server with licensed Windows 2000 Advanced
Server and need it to take over from the old - not long for this life,
NT4 box.

I have no real idea where to start, so can anyone who knows about Doze
domains and Active Directory type stuff - please give me a quick run
down of the various terms and relationships? Also, some key into
migrating the stuff and services on the NT4 box to the Win2KAS box?

I've got myself a little confused with the domain controller stuff and
promoting one to 'tother etc...

I did suggest they move to a *nix solution, but the blank stares made
me feel better to stick with what they sort of know...


--
"We have gone from a world of concentrated knowledge and wisdom to one
of distributed ignorance. And we know and understand less while being
increasingly capable." Prof. Peter Cochrane, formerly of BT Labs
In memory of Brian {Hamilton Kelly} who logged off 15th September 2005

Mother wrote:

> I have no real idea where to start, so can anyone who knows about Doze
> domains and Active Directory type stuff - please give me a quick run
> down of the various terms and relationships? Also, some key into
> migrating the stuff and services on the NT4 box to the Win2KAS box?

It's 3:40am and I'm rescuing a dead Doze server so I can't help you
right now.... if nobody gives you the help you need then tomorrow once I
wake up I'll drop you an email.

--
EMB

Mother <"@ {mother} @"@101fc.net> wrote:

> Have a small voluntary organisation who we do odd little bits of
> support for. Been let down pretty badly by their 'official' support
> company, who basically have just told them they they have enough
> business not to have to worry abot little charities any longer so they
> can bugger off...
>
> There are a couple of immediate issues the organisation needs to
> address, and for some odd reason, I've allowed myself to be
> 'volunteered' into helping them...
>
> They currently have a Windows NT4 server

vanilla NT4 or the SBS version?

> whith three patritions on one
> drive as:
>
> Build (C
> System (D
> Data (E

What is 'build'? source/install images?

> they have 'shared profiles' - so any of the advisors can login via any
> machine and get their own desktop, notes etc. There are individual
> and group folders on the data drive/partition.

Are you sure they really have 'shared profiles' and not simply a
collection of shared directories (folders).

Shared profiles creates a shed-load of data copies around the network
everytime a user logs in/out - essentially 'My Documents' is mirrored to
the server.

> They run a local DNS on the same box, that's about all.

DHCP?
Exchange?

> They have been given a new server with licensed Windows 2000 Advanced
> Server and need it to take over from the old - not long for this life,
> NT4 box.

How many users/resources? The pain of recreating from scratch may be less
than jumping the migration hoops.

FWIW: I start from scratch with the small networks I've upgraded.

> I have no real idea where to start, so can anyone who knows about Doze
> domains and Active Directory type stuff - please give me a quick run
> down of the various terms and relationships? Also, some key into
> migrating the stuff and services on the NT4 box to the Win2KAS box?
>
> I've got myself a little confused with the domain controller stuff and
> promoting one to 'tother etc...

a windows domain is simply speaking - an administrative entity. keeping
it simple with one windows domain, users identify themselves to the domain
(un/pw) and are granted rights (to shared directories/printers etc.) based
on their credentials.

loads of info on technet at microsoft.com - but you will get bogged down
in minutiae.

much help/info on the microsoft news groups - server is:
msnews.microsoft.com

Active directory is new-speak for windows domain.

> I did suggest they move to a *nix solution, but the blank stares made
> me feel better to stick with what they sort of know...

heh

Glad to assist where I can - if you have more detail.

btw: I assume there's no budget ... if there is, let me recommend
http://www.appichar.co.uk

--
William Tasso

"Mother" <"@ {mother} @"@101fc.net> wrote in message
news:[email protected]...
> Have a small voluntary organisation who we do odd little bits of
> support for. Been let down pretty badly by their 'official' support
> company, who basically have just told them they they have enough
> business not to have to worry abot little charities any longer so they
> can bugger off...
>
<plea for help snipped>

Where abouts in the UK is this charity? If's its in the West Midlands or
immediate surrounding area I could take a look....a bit of foreigner work is
just what's needed right now!! If only to help me keep running the
Rangey...£68 to fill up yesterday!!

Paul

Mother" <"@ {mother} @ wrote:
> Have a small voluntary organisation who we do odd little bits of
> support for. Been let down pretty badly by their 'official' support
> company, who basically have just told them they they have enough
> business not to have to worry abot little charities any longer so they
> can bugger off...
>
> There are a couple of immediate issues the organisation needs to
> address, and for some odd reason, I've allowed myself to be
> 'volunteered' into helping them...
>
> They currently have a Windows NT4 server whith three patritions on one
> drive as:
>
> Build (C
> System (D
> Data (E
>
> they have 'shared profiles' - so any of the advisors can login via any
> machine and get their own desktop, notes etc. There are individual
> and group folders on the data drive/partition.
>
> They run a local DNS on the same box, that's about all.
>
> They have been given a new server with licensed Windows 2000 Advanced
> Server and need it to take over from the old - not long for this life,
> NT4 box.
>
> I have no real idea where to start, so can anyone who knows about Doze
> domains and Active Directory type stuff - please give me a quick run
> down of the various terms and relationships? Also, some key into
> migrating the stuff and services on the NT4 box to the Win2KAS box?
>
> I've got myself a little confused with the domain controller stuff and
> promoting one to 'tother etc...
>
> I did suggest they move to a *nix solution, but the blank stares made
> me feel better to stick with what they sort of know...

To be fair, AD isn't a simple technology to explain and the complexities of
a migration from NT4 to an AD infrastructure are not simple and there are a
great many gotcha's to be wary of.

Whereabouts is the client?

--
Darren Griffin
PocketGPSWorld - www.PocketGPSWorld.com
The Premier GPS Resource for News, Reviews and Forums

I got rid of all the nt4 servers anywhere i worked a long time ago.

I think that i generally did the migration by starting off a new
domain to replace the old one!
On a server 2000/2003 box you can pretty much set up a new domain with
dns and dhcp working by just running the 'configure my server' wizard.
After that its only a case of adding the users and moving the shares
across.

I've just done some googling, and it sounds like the only way of
turning an NT4 based domain into a server 2000/3 one is by upgrading
the NT4 PDC (primary domain controller) to server 2000/3 first.

Alternatively you could install nt4 on your new server. upgrade that
then promote it to a PDC before upgrading it to 2000. some stuff here
- http://tinyurl.com/bpfua

Dealing with NT4 is a bit of a pain though.



I think i would do it by starting off a new domain. There are less
tricky/awkward faults that can happen this way.

set up your new server with 2000. Run the 'configure my server' wizard
and tell it it is a new domain controller for a new domain.

You can export the users from the nt4 server and put them back in on
the 2000 one using the 'addusers' command.

Copy the shares across and reshare them. I've written scripts to
reshare things and you should be able to find stuff if you google. Its
a shame you are not going to 2003 server as there is a 'file server
migration wizard' which is useful and does it all for you.

Go round the network and readd the clients to the new domain (this is
easy enough and doesnt take long)

On Mon, 30 Jan 2006 13:37:54 +0000, Mother <"@ {mother} @"@101fc.net>
wrote:

>Have a small voluntary organisation who we do odd little bits of
>support for. Been let down pretty badly by their 'official' support
>company, who basically have just told them they they have enough
>business not to have to worry abot little charities any longer so they
>can bugger off...
>
>There are a couple of immediate issues the organisation needs to
>address, and for some odd reason, I've allowed myself to be
>'volunteered' into helping them...
>
>They currently have a Windows NT4 server whith three patritions on one
>drive as:
>
>Build (C
>System (D
>Data (E
>
>they have 'shared profiles' - so any of the advisors can login via any
>machine and get their own desktop, notes etc. There are individual
>and group folders on the data drive/partition.
>
>They run a local DNS on the same box, that's about all.
>
>They have been given a new server with licensed Windows 2000 Advanced
>Server and need it to take over from the old - not long for this life,
>NT4 box.
>
>I have no real idea where to start, so can anyone who knows about Doze
>domains and Active Directory type stuff - please give me a quick run
>down of the various terms and relationships? Also, some key into
>migrating the stuff and services on the NT4 box to the Win2KAS box?
>
>I've got myself a little confused with the domain controller stuff and
>promoting one to 'tother etc...
>
>I did suggest they move to a *nix solution, but the blank stares made
>me feel better to stick with what they sort of know...

Unless they've got thousands of users start a new domain - it's less
hassle than upgrading more often than not. It also reduces the
downtime.

How do they do email and internet?

Have a good look through the installed applications to make sure they
aren't running anything they forgot to tell you about. There's always
ten little applications they forgot about that suddenly become
mission-critical once the NT4 box is switched off. Most NT4 stuff
works fine on 2000, but there's always the oddments that won't.

--
Tim Hobbs

On Mon, 30 Jan 2006 20:15:44 +0000, Tim Hobbs <[email protected]> wrote:


>Unless they've got thousands of users start a new domain - it's less
>hassle than upgrading more often than not. It also reduces the
>downtime.
>
>How do they do email and internet?
>
>Have a good look through the installed applications to make sure they
>aren't running anything they forgot to tell you about. There's always
>ten little applications they forgot about that suddenly become
>mission-critical once the NT4 box is switched off. Most NT4 stuff
>works fine on 2000, but there's always the oddments that won't.

I should have stressed that more.

The benefit of starting a new domain on a new server is that you dont
have to touch the old one - or turn it off until youre fully happy

You can set the new one up. move one client machine across to it and
say 'now test that' - and if you find youve missed owt you dont move
anybody else across. It should involve virtually no downtime.

Mother" <"@ {mother} @ wrote:
> Have a small voluntary organisation who we do odd little bits of
> support for. Been let down pretty badly by their 'official' support
> company, who basically have just told them they they have enough
> business not to have to worry abot little charities any longer so they
> can bugger off...
>
> There are a couple of immediate issues the organisation needs to
> address, and for some odd reason, I've allowed myself to be
> 'volunteered' into helping them...
>
> They currently have a Windows NT4 server whith three patritions on one
> drive as:
>
> Build (C
> System (D
> Data (E
>
> they have 'shared profiles' - so any of the advisors can login via any
> machine and get their own desktop, notes etc. There are individual
> and group folders on the data drive/partition.
>
> They run a local DNS on the same box, that's about all.
>
> They have been given a new server with licensed Windows 2000 Advanced
> Server and need it to take over from the old - not long for this life,
> NT4 box.
>
> I have no real idea where to start, so can anyone who knows about Doze
> domains and Active Directory type stuff - please give me a quick run
> down of the various terms and relationships? Also, some key into
> migrating the stuff and services on the NT4 box to the Win2KAS box?
>
> I've got myself a little confused with the domain controller stuff and
> promoting one to 'tother etc...
>
> I did suggest they move to a *nix solution, but the blank stares made
> me feel better to stick with what they sort of know...

I'd create the new server first, then use Robocopy to move the data over to
preserve share rights. Robocopy (Robust Copy) should still be available for
download from Microsoft - it's the only way to copy data across servers
while maintaining all the attributes. Should work in this case, but it's
been a while since I last saw an NT box. And use the wizards as much as you
can if you're not familiar with Win2K. It's very different to NT4.

K

--
"I'd far rather be happy than right any day."
- Slartibartfast

Mother wrote:

> I did suggest they move to a *nix solution, but the blank stares made
> me feel better to stick with what they sort of know...

If they are like that, would they even notice if you did nuke the box
from orbit ? The latest SAMBA handles AD stuff too AFAIK.

Steve

Hi Martin

My business is advising on what you are doing. So I will try and advise
you. Please feel free to email me at gcarter(at)mweb(.)co(.)zw for more
details.

A windows domain is a groups of Windows NT or 2000 servers who share a
common list of users.

Assuming the NT4 box is a domain controller, it is quite easy to move all
the stuff. The easiest way if you have the Windows 2000 CD is to use that
to upgrade the NT4 box to Windows 2000 - then it will migrate all the user
accounts for you automatically.

Warning!!!! DO NOT USE A STANDARD INTERNET DOMAIN FOR THE WINDOWS 2000
DOMAIN!!! So do not make the WINDOWS domain "charity.com" or
"charity.co.uk".
Make it "charity.local". The reason is the Windows domain is not the same
as
their email domain, as it is purely local to their network. If you use an
Internet domain, you will find the system sending DNS queries to the
Internet, and it will slow down the user manager tools.

The other way of moving the accounts is create a new Windows 2000 domain.
Then use the Active Directory migration tool downloadable from Microsoft to
move all the users and groups.

On moving all the profiles, this should largely involve copying the files
from old server to new server, and resetting the profile path in the Active
Directory Users and Computers application. You will need to share the
folder on the new server, and the profile will probably be something like
\\newserver\profiles\%username%

On the DNS, the domain upgrade wizard will set up the DNS for you. There
are a couple of tweaks that can make the system more efficient, or if you
find that the server never drops the Internet phone connection.

Any other specific items you need help on, please let me know, and I will
try and advise.

Cheers!
Graham Carter.
Carter Computer Services
P.O. Box A1619,
Avondale
Harare
Zimbabwe

Hi Martin

My business is advising on what you are doing. So I will try and advise
you. Please feel free to email me at gcarter(at)mweb(.)co(.)zw for more
details.

A windows domain is a groups of Windows NT or 2000 servers who share a
common list of users.

Assuming the NT4 box is a domain controller, it is quite easy to move all
the stuff. The easiest way if you have the Windows 2000 CD is to use that
to upgrade the NT4 box to Windows 2000 - then it will migrate all the user
accounts for you automatically.

Warning!!!! DO NOT USE A STANDARD INTERNET DOMAIN FOR THE WINDOWS 2000
DOMAIN!!! So do not make the WINDOWS domain "charity.com" or
"charity.co.uk".
Make it "charity.local". The reason is the Windows domain is not the same
as
their email domain, as it is purely local to their network. If you use an
Internet domain, you will find the system sending DNS queries to the
Internet, and it will slow down the user manager tools.

The other way of moving the accounts is create a new Windows 2000 domain.
Then use the Active Directory migration tool downloadable from Microsoft to
move all the users and groups.

On moving all the profiles, this should largely involve copying the files
from old server to new server, and resetting the profile path in the Active
Directory Users and Computers application. You will need to share the
folder on the new server, and the profile will probably be something like
\\newserver\profiles\%username%

On the DNS, the domain upgrade wizard will set up the DNS for you. There
are a couple of tweaks that can make the system more efficient, or if you
find that the server never drops the Internet phone connection.

Any other specific items you need help on, please let me know, and I will
try and advise.

Cheers!
Graham Carter.
Carter Computer Services
P.O. Box A1619,
Avondale
Harare
Zimbabwe

On Sat, 4 Feb 2006 20:16:21 +0200, "Graham Carter"
<[email protected]> wrote:

>Warning!!!! DO NOT USE A STANDARD INTERNET DOMAIN FOR THE WINDOWS 2000
>DOMAIN!!! So do not make the WINDOWS domain "charity.com" or
>"charity.co.uk".
>Make it "charity.local". The reason is the Windows domain is not the same
>as
>their email domain, as it is purely local to their network. If you use an
>Internet domain, you will find the system sending DNS queries to the
>Internet, and it will slow down the user manager tools.
>
You can't add mac's into a .local AD domain. It doesnt work properly.

Not that this probably bothers Martyn but i've had to restart a domain
off to sort it out and thats a pain (and i now use proper FQDN's)