I know a number of folks on this mailing list use VMware, so I thought I would ask this here.
I have a VMware ESX cluster, and want to practice the steps for upgrading my domain from AD 2000 to AD 2003 (then, AD2008 later). I can recall doing something similar 3 years back with the regular VMware Server, but that was on a physically isolated network. Here, I want to do it on the production ESX cluster. My AD structure: root domain, and then a child domain. The root domain is pretty much empty; we use the child domain for all our users, servers, etc. I already have a root domain DC and a working domain DC, as VMs. So here's what I am thinking of doing. Create a new vSwitch, but assign it to no physical NICs. That should completely isolate it. Create a new port group within this new vSwitch, using a separate, private IP range (i.e., 172.16.x.x) Clone each of the 2 DC VMs. Assign each of the new cloned DCs to the new port group. Start'em both up. >From the root cloned DC, manually seize all the FSMO roles for the root domain. (do I need to use ADSIEDIT to remove references to the other DCs for this domain?) - so now the cloned root DC has all the FSMO roles for the root domain >From the child cloned DC, manually seize all the FSMO roles for the child domain. (do I need to use ADSIEDIT to remove references to the other DCs for this domain?) - so now the cloned child DC has all the FSMO roles for the child domain So what I have now is a virtualized copy of my domain structure, with each of the virtual DCs now having all the FSMO roles for their respective domains. I will then make a clone of both of these, so that I can always get back to this particular point in the configuration. Have I missed anything so far? At this point, I should be able to practice upgrading the domains to 2003 level. Do forest prep/schema prep on the root domain. Create a Win2003 member server from a template; join to the root domain, and then install AD on it. It should then pull up the whole domain to be a 2003 AD domain. The process of upgrading the domain to 2003 AD level should upgrade *both* the root and child domains, right? But (at this point) there are no Win2003 servers in the child domain, so is the 2003 server handling both domains at that point? That's where I am confused. Pointers/links/personal horror stories needed. Thanks -- Michael Leone Network Administrator, ISM Philadelphia Housing Authority 2500 Jackson St Philadelphia, PA 19145 Tel: 215-684-4180 Cell: 215-252-0143 <mailto:[email protected]> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
