How long do you have to keep the 2003 boxes around? What does the end state look like from a DC perspective? How big is the environment? Multiple sites? Single forest? Single domain?
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kennedy, Jim Sent: Friday, May 20, 2016 2:22 PM To: ntsysadm@lists.myitforum.com Subject: [NTSysADM] RE: Domain controller updates Are you in a position where you can remove the 2003 DC's before adding 2012 R2 DC? Perhaps after hours or on a weekend. Spin up a couple 2008's, even if they are on desktop boxes....transfer the roles. Depromo the 2003's and bring up the 2012's. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Brian Desmond Sent: Friday, May 20, 2016 2:15 PM To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com> Subject: [NTSysADM] RE: Domain controller updates I agree with Bob. Take the time to patch them to SP2+ before you do this. Thanks, Brian Desmond w - 312.625.1438 | c - 312.731.3132 From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Free Jr., Bob Sent: Friday, May 20, 2016 12:08 PM To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com> Subject: [NTSysADM] RE: Domain controller updates If they are truly at 2003 RTM, my money would be on you having difficulties, potentially serious. I have done several AD upgrades from 2003-2008 & 2003-2012 and if it was an environment of any consequence, I wouldn't touch this with a 10 foot pole (or whatever the metric equivalent is.) There are articles outlining which additional patches and measures you should have on a *fully patched* systems before introducing up-level DCs. Even then, there are specific problems you may encounter with mixed DCs even though the 2003's are patched. Study the TechNet article(s) about updating 2003 domains and follow carefully. You will be able to rule some, or a lot of it out for your environment but there are multiple potential gotchas. Ensure you have the AD specific patches that aren't necessarily in WU. We had to pull some down manually that our SCCM guys weren't getting from WU. It very well might be easier and less risky to do a slam-bang upgrade to 2012R2 and skip the co-existence phase but I don't know your environment or constraints. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Gavin Wilby Sent: Friday, May 20, 2016 6:28 AM To: 'ntsysadm@lists.myitforum.com' Subject: [NTSysADM] Domain controller updates Hi, I have got a 2003 functional level forest/ domain with 2x 2003 servers and 1x 2008 server acting as DC's. One of the 2003 servers holds all of the FSMO roles. I have stood up a new 2012R2 server, fully patched it and added the ADDS role to it, but not yet promoted it. It will also take over the FSMO roles in time. Having checked it appears that none of the current DC's have ever been updated from the day they were put in. Now bearing in mind they are all to be de-commisioned in the long term is there any point in patching them before adding the new 2012r2 DC, or if I leave them at RTM, am I going to experience issues with bringing a new DC online? Anyone done this? Gavin Wilby IT Support Engineer SMP Partners Ltd Clinch's House, Lord Street, Douglas, Isle of Man IM99 1RZ Tel +44 1624 682214 Mob +44 7624 480575 gavin.wi...@smppartners.com<mailto:gavin.wi...@smppartners.com> www.smppartners.com<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.smppartners.com_&d=CwMFAg&c=hLS_V_MyRCwXDjNCFvC1XhVzdhW2dOtrP9xQj43rEYI&r=TA_mjBT8bS0r8rLrnubGjA&m=zoEmnM7lVEvepk8HWXSaniQiNqI207JnnxX3GG1tH0E&s=lDY2-UTtNBUojvUCBGEdjlvCjOgk_ZIk5XW6VcOiXBU&e=> A member of the SMP Partners Group of Companies SMP Partners Limited, SMP Trustees Limited and SMP Fund Services Limited are licensed by the Isle of Man Financial Services Authority. SMP Accounting & Tax Limited is a member of the ICAEW Practice Assurance Scheme. SMP Partners Limited registered in the Isle of Man, Company Registration No: 000908V Directors: M.W. Denton, M.J. Derbyshire, S.E McGowan, O. Peck, J.J. Scott, S.J. Turner SMP Trustees Limited registered in the Isle of Man, Company Registration No: 068396C Directors: A.C. Baggesen, J.M. Cubbon, M.W. Denton, K.M. Goldie, O Peck, J. Watterson SMP Fund Services Limited registered in the Isle of Man, Company Registration No: 120288C Directors: V. Campbell, R.K. Corkill, M.W. Denton, D.A. Manser, S.E McGowan, J.J. Scott, E. Tansell SMP Accounting & Tax Limited registered in the Isle of Man, Company Registration No: 001316V Directors: I.F. Begley, A.J. Dowling, P. Duchars, J.J. Scott, S.J. Turner SMP Capital Markets Limited registered in the Isle of Man, Company Registration No: 002438V Directors: M.W. Denton, M.J. Derbyshire, D.F Hudson, S.E McGowan, O. Peck, S. J. Turner SMP Partners Limited, SMP Trustees Limited, SMP Fund Services Limited, SMP Accounting & Tax Limited and SMP Capital Markets Limited are members of the SMP Partners Group of Companies. This email is confidential and is subject to disclaimers. Details can be found at: http://www.smppartners.com/disclaimer.html<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.smppartners.com_disclaimer.html&d=CwMFAg&c=hLS_V_MyRCwXDjNCFvC1XhVzdhW2dOtrP9xQj43rEYI&r=TA_mjBT8bS0r8rLrnubGjA&m=zoEmnM7lVEvepk8HWXSaniQiNqI207JnnxX3GG1tH0E&s=OarI17lNXMOzJq1NodFONn64lHefkDd9XYKmdfdw9gI&e=> ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.symanteccloud.com&d=CwQFAg&c=hLS_V_MyRCwXDjNCFvC1XhVzdhW2dOtrP9xQj43rEYI&r=TA_mjBT8bS0r8rLrnubGjA&m=zoEmnM7lVEvepk8HWXSaniQiNqI207JnnxX3GG1tH0E&s=UXtYwTz4pOPTG22dZ_tsoLKaqMyn6E47gbiPLsoRjTk&e=> ______________________________________________________________________ ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you.