Why not use the native tools then? ADMTv2 is pretty good. As for the same netbios names. Yuck. Hopefully the clients will be using new WINS servers then? :)
As for the apps, I think you're skirting the issue to deal with it another day. I also think some of those apps are likely to fail miserably when they hit 2K3's security changes. You'll know soon I suspect.

Al

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 16, 2003 3:50 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Unorthodox NT4 -> W2k3 Migration Plan???

Hello everyone,

I'm looking for some peer feedback on part of a migration plan. We are currently an NT4 environment. We've decided to go with W2k3 & AD for our migration. We're doing a parallel migration into a W2k3 Native functional level forest. This was specifically to give us easier roll-back capability and to allow us to leave *most* of the "junk" behind.

The unorthodox parts of the migration are as follows:

The AD forest will have an empty PFR (protected forest root) domain, and all users and various other objects will go into a child domain. The child FQDN of the child domain will be logically named based on our infrastructure standards, but the *netbios* name of the child domain will be the same as our NT4 domain. No I'm not crazy...and it is possible.

The DCs of the AD forest will each sit on a separate VLAN from the servers in the NT4 domain. This setup keeps netbios broadcast traffic separate. This also keeps the domains from seeing their respective twin. Correspondingly they aren't answering each other's requests for service. Also since the DCs are on separate VLANs from the NT4 domain, they are also on different subnets. Although the setup will be well documented, if someone were to *accidentally* plug one of the AD DCs into the wrong port, it wouldn't matter since the DC wouldn't be able to communicate with its IP on the wrong subnet.

The reason the NetBIOS names are being kept the same is for ease of migration, specifically application migration. We have about 500 servers and have a very large number of server-based applications running. As with many environments, we're sure that there are applications that have the domain name hardcoded or manually entered and thus not easily changed. This migration method would seem to allow us to get the best of all worlds.

The caveats that I've encountered thus far actually exist with 3rd party migration applications. Migration applications tend to see the migration as being from Domain A to Domain A even when specifying particular domain controllers. If the respective migration tool would either ignore NetBIOS names or only use DNS names, there would be no issue.

Has anyone else tried this before? Is this actually a common path? Any constructive feedback would be appreciated.

Eric Jones, Senior SE
Intel Server Group
(W) 336.424.3084 (M) 336.457.2591
www.vfc.com

List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
