Tag Archives: Windows Server 2003

Windows Server 2003 Migration: Tasks Part 4 – Implementation

Posted on by

We documented our inventory, created a plan, allocated the resources, procured the budget, and practiced our migration in a development environment. Now we are at the point where we need to implement our design in production. On the Active Directory side, this is a migration that should require minimal to no downtime. On the application side, downtime needed is determined by the application being migrated. Even if you believe there will be no downtime, it is preferable to schedule a maintenance window for the cutover and do the prep work beforehand. If we wait until a scheduled maintenance window, users know that access to systems is limited. The maintenance window gives you time to work without the pressure of connected users being inconvenienced. As we all know, even with scheduled downtime, you will always have that user who will be upset because you had a system down between the non-working hours of 2 to 5 a.m. on the Sunday morning of a holiday weekend. Even though your company has absolutely no weekend business hours. Ever. To be fair though, don’t make your scheduled maintenance window for your tax firm the morning of April 15.

As stated, the Active Directory side can be done with minimal to no down-time. We can build the required servers and have them ready for integration. We may want to wait until the maintenance window to promote the new domain controllers. We will have less chance of issues and faster initial replication when there is minimal network traffic. You may even want to isolate your servers from the rest of the network (if possible). One idea is to keep servers on separate switches from the rest of the network. If you need to isolate the servers, just pull the plug on the connection to the other switches.

How we integrate the new servers will determine the amount of changes that need to populate to the client side. Do not cut corners for the sake of expedience. For instance, giving a new DNS server the IP address of the existing DNS server it is replacing would keep you from having to change the populated DNS server address on the clients. For a very small environment, this may work fine. However, for a larger environment, it may not turn out to be as seamless as we think. Instead, we should consider a short period of coexistence as we move towards the new servers. Changes to settings on the clients can then be performed in groups of clients at a time. This will give us the opportunity to fix issues without everyone being affected. Almost all new settings on the client side can be populated utilizing DHCP and GPOs. If we utilize GPOs, we can delegate who gets the changes and when. Also, there are some steps in the migration process that we may want to set and then wait before doing more. Here are the general steps in performing an AD migration from Server 2003 to Server 2012:

  1. Make sure your current domain does not have any existing issues. This can be accomplished by running DCDIAG. Resolve any issues that the DCDIAG reports. This is usually the time that someone discovers an existing replication issue they did not know about.
  2. Make sure the domain functional level is Windows 2003. If not, change it. We are, of course assuming that you do not have any Windows 2000 Domain Controllers. That would require more planning and steps for this project. There is a confusion about domain functional level. This refers to the level of your domain controllers only. It does not matter is you have member servers of a previous generation. For instance, you can have a domain functional level of 2008 and still have Windows 2003 servers in it. The 03 servers are just not domain controllers.
  3. Know which servers have the FSMO roles. (On a domain controller, open a command prompt and run ‘netdom query fsmo’.)
  4. Prepare the domain if needed. If you are migrating to Windows 2008 R2, you will need to run ADPREP. If you are migrating to Windows Server 2012 R2, you do not have to run ADPREP. It is included in the process when adding the Active Directory Domain Services (AD DS) role to the 2012 server.
  5. Install your 2012 R2 server and add it to the domain.
  6. Add the AD DS role to your 2012 R2 server. Follow the steps in the wizard.
  7. Transfer your FSMO roles.
  8. Configure services like DHCP for the new servers.
    1. Update settings on the client side.
    2. Run for an initial coexistence period.
  9. Remove your Windows 2003 domain controllers by demoting them.
  10. Raise the domain functional level. 

This procedure is for the migration of Active Directory. It does not take into account the migration of applications hosted on Windows Server 2003. Those tasks are a separate part of the plan, but you should now be ready to move forward on those tasks.

At this point, this series of posts has given you the basic steps needed to perform a migration from Windows Server 2003 to Windows Server 2012 R2. This series was meant to give you an overview of the process and help you find the information you need. I cannot stress enough, how important it is for you to plan this out properly and test. If done right, a migration from 2003 AD is not difficult and usually goes very smoothly. If you run into issues, you are affecting your Active Directory configuration. Recovering AD can be a difficult task. In some cases, it’s so difficult, it was easier to just rebuild the domain from scratch. If you do not have the in-house expertise or are uncomfortable with aspects of this project, you can always seek help. I recommend getting help from the trained network professionals at Custom Systems.

As always, I welcome your comments or questions. Please feel free to leave them below or email me directly. Also, be sure to bookmark our site for more information from Microsoft. Also, please be sure to register for our live, Microsoft event – Windows Server 2003:  Security Risk and Remediation on February 18.

AZS-3

 

 

Craig R. Kalty (CCIA, CCEE, CCA, MCITP:EA, MCITP:SA, VCP)|
Sr. Network Consultant
craig.kalty@customsystems.com

 

 

 

©2015 Custom Systems Corporation

Windows Server 2003 Migration Resources

Posted on by

Microsoft will end support for Windows Server 2003/R2 on July 14, 2015.

Now is the time to migrate.

Here are some links and resources to help as you prepare for your Windows Server 2003 migration. Be sure to bookmark this page to avoid missing new resources as they are added.

Windows Server 2003 migration

– Understand what end of support means, directly from Microsoft, via Custom Systems Corporation.

Great resources from our own blog:

Upgrading Windows Server 2003 Active Directory

This is a basic guide to help walk you through the upgrade of  Server 2003 Active Directory to Server 2012 R2.

Migrating from Windows Server 2003: 64-bit vs. 32-bit

This this post, we’ll explain  one of the key points involved in moving off the Windows 2003 platform – moving from 32-bit computing to 64-bit.

Windows Server 2003 Migration: Planning Considerations

Where does your organization fall today, in planning the migration process from Windows Server 2003.

Windows Server 2003 Migration: Tasks Part 1 – Inventory

Just because a resource is not a Windows Server 2003, it does not mean it is exempt from the effects of the migration. In this first task, review your current inventory to prepare for server migration.

Windows Server 2003 Migration: Tasks Part 2 – Planning

Now that we have our inventory, it is time to plan our Windows Server 2003 migration.

Windows Server 2003 Migration: Tasks Part 3 – Build and Test

Now we need to build what we’ve designed.

Windows Server 2003 Migration: Tasks Part 4 – Implementation

We documented our inventory, created a plan, allocated the resources, procured the budget, and practiced our migration in a development environment. Now we are at the point where we need to implement our design in production.

Finally…

Be sure to bookmark the Windows Server 2003 Countdown Clock on our site. You’ll also find great resources directly from Microsoft here. The network services professionals at Custom Systems are trained to perform the tasks outlined in our blogs, necessary for your organization to migrate from Windows Server 2003. You can reach our sales team by calling us at 800.539.3523 or by email.  Please feel free to leave any questions or comments below.

Windows Server 2003 Migration: Tasks Part 1 – Inventory

Posted on by

Know your environment. The very first task you need to do in a Windows Server 2003 migration is to update your inventory on your infrastructure. This does not mean only your Windows server 2003, this means your entire infrastructure. Why? Because you need to know exactly what you have, if there are any pitfalls, and if there are any synergies you can take advantage of. Just because a resource is not a Windows Server 2003, it does not mean it is exempt from the effects of the migration. In fact, you may need to update other resources in order to function with the results of the migration. You need to account for the following:

  • The quantity of Windows Server 2003 you have and their functions. How many are domain controllers? How many are just member servers?
  • The resources that are not Windows Server 2003.
  • Of the documented resources, the quantity of them still in use. You would be surprised how many organizations have orphaned servers and resources still in their environment because no one knew it was safe to remove them.
  • The hardware those resources reside on. Is the hardware still viable for today’s workloads? Is the hardware worth supporting?
  • The software/applications residing on resources. We need to know who owns it, is it still used, the resources required to install and operate the software, and if the software can be migrated.
  • The business units who use the resources. Talk to the people to find out if they actually still need the resources. Find out if they have any projects or plans to upgrade their applications that will facilitate the migration from Windows Server 2003.
  • The other resources or clients that need to communicate with the Windows Server 2003. For example, do you have a database or share on Windows Server 2003 that other servers are accessing?
  • The servers housing applications that can’t be migrated. Legacy software is one of the primary reasons we still have older servers with older operating systems. The software is still in use or is legally needed for archival purposes. There may be no upgrade path for the legacy system.
  • The people resources available. You will need to know if you have the staff with the needed experience and knowledge, the subject matter experts on the software applications, and the manpower-time needed for the project.

I won’t go into detail here on how to perform your inventory of your infrastructure. Various third-party vendors have products (inventory management systems) to help you. There are also tools on the Internet available to help with the task. Microsoft provides the Assessment and Planning Toolkit.

Once you have your inventory, you can start working on your plan. With the inventory and knowledge of the resources, you have the basis needed to determine priorities, tasks, resource assignment, scheduling and more. Now, we can move onto the planning: See our blog “Windows Server 2003 Migration: Tasks Part 2 – Planning” (available soon).

As always, I welcome your comments or questions. Please feel free to leave them below or email me directly.

AZS-3

 

 

Craig R. Kalty (CCIA, CCEE, CCA, MCITP:EA, MCITP:SA, VCP)|
Sr. Network Consultant
craig.kalty@customsystems.com

 

 

 

©2015 Custom Systems Corporation

Migrating from Windows Server 2003: 64-bit vs. 32-bit

Posted on by

Windows Server 2003 End of Life

On July 14, 2015, Windows Server 2003 Microsoft support will end. Meaning, after that date, there will be no more security fixes, hot-fixes, patches, or any other type of development for Server 2003 from Microsoft. It also means that if you have an issue and call in for Microsoft support, they will no longer open a support case for you. To find out the information from the source and to get ideas on how to move forward, click here. Over the next few months, we will be presenting blogs with information on migrating from Windows Server 2003. In this blog I am going to discuss a topic that is a major factor in migration.

Moving from 32-bit to 64-bit

One of the key points involved in moving off the Windows 2003 platform is going from 32-bit computing to 64-bit. 32-bit and 64-bit computing refer to a change in the instruction set for processors (CPUs) and how processors handle memory. Bits (binary digit) refer to the smallest units of computer data (a value of 1 or 0). As the number of bits in a computational value increase, the amount of data the value can hold increases. A 64-bit value exponentially holds a greater amount of data than a 32-bit. This difference is exhibited the most in physical memory addressing. The key differences of 64-bit computing over 32-bit computing is more memory. Memory limits in 32-bit Windows Operating Systems (OS) depended on the version in use and the 32-bit address space. Windows Server 2003 Standard had a limit of 4GB of memory, while Datacenter and Enterprise had a 64GB limit. In a 64-bit world, the Windows OS version still controls memory limits, but the 64-bit address bar has been raised. Windows Server 2012 Standard and above have a memory limit of 4TB. In fact, hardware is actually the primary limiting factor over software.

There is a Windows Server 2003 64-bit edition, but the adoption rate of that version was extremely low. The vast majority of Windows 2003 Server implementations were 32-bit. This happened for a number of reasons. The 64-bit server product was bleeding edge when it was introduced. Until Windows Server 2008, development for 64-bit products was not mainstream. Few software vendors factored in 64-bit compatibility in their code until Windows Server 2008. On the consumer side, 32-bit was the comfortable norm and 64-bit was factored in only when there were obvious gains. Requirements and advantages in Exchange and SQL were some of the primary factors for using the 64-bit version of 2003 over the 32-bit version. The number of users you could connect to one server through terminal services was greatly increased, but then you had to make sure that you were using software that worked in 64-bit terminal services.

It’s all about compatibility

So, what does all this mean in relation to migrating off Windows Server 2003? Compatibility. Will the software we have running in Windows Server 2003 work in 64-bit 2008 or 2012 servers? Will we have software drivers available on 64-bit that are as comprehensive as the ones we used in 32-bit systems? 64-bit servers are backward compatible and will run 32-bit applications, but not all 32-bit applications are 64-bit compatible. Applications with high resource demands probably moved towards 64-bit computing a while ago to take advantage of the increase in memory and processing power. However, we still have the issue of legacy software. We may only have licenses for a certain version of an application. We may need to pay for licensing of a later version. Or the licensing was based on the server OS. For instance, our 2003 Terminal Server CALs will not work with 2008 or 2012. We will need new licenses for that. What if there is no upgrade for that legacy system that will only work on a 32-bit system? All software issues will need to be researched and a plan developed to move forward.
Look for upcoming blogs, where we will discuss the research and testing needed, peripheral drivers (printers, scanners, etc.), SQL and Exchange requirements, backup solutions and more. Stay tuned and as always, please feel free to post your questions or comments below. You can also email me directly.

 

AZS-3

 

 

Craig R. Kalty (CCIA, CCEE, CCA, MCITP:EA, MCITP:SA, VCP)|
Sr. Network Consultant
Craig.Kalty@CustomSystems.com

 

 

 

©2015 Custom Systems Corporation

Upgrading Windows Server 2003 Active Directory

Posted on by

windows server 2003 R2Windows Server 2003 was like XP.  Everyone loved it and never wanted to move off of it.  And just like XP, the time is coming quickly where you will need to move away from the much loved server or become vulnerable to threats very quickly.  Once support has ended for Windows Server 2003 there will be no more security patches, but the threats will still be there.

One of the most common systems that I see on Windows Server 2003 these days is Active Directory.  That tends to be true since moving Active Directory can be a long and tedious process.  It can also cause numerous issues along the way.

Below is a basic guide on upgrading your Windows Server 2003 Active Directory to Windows Server 2012 R2.  I would not recommend doing this on your own.  This is something that takes planning and careful consideration.  Projects like this are where companies such as Custom Systems are a perfect choice.

In case you were not aware, End of Life (EOL) for support of Windows Server 2003 is currently slated for July 14, 2015.  That date is fast approaching and will be here before you know it.  Make sure to plan for these upgrades with ample time to complete them.

I will not get into what Active Directory is and what it does, as it provides authentication and authorization services as well as a framework for other related services that can be deployed.

The below guide is only a reference and should not be considered the perfect solution for all upgrades.  Each upgrade will differ and will require extensive planning. This guide assumes that you have a 2012 R2 server installed as well as have installed the Active Directory role.  Again this guide is not to be followed without proper planning and assistance.

First step is to Transfer the Flexible Single Master Operations (FSMO) Role

  1. Open the Active Directory Users and Computers console on your new Windows Server 2012 R2 computer.
  2. Right click your domain and select Operations Masters in the sub menu.
  3. In the Operations Masters window, ensure the RID tab is selected.
  4. Select the Change button.Dec 15 post 1
  5. Select yes when asked about transferring the Operations Master role.
  6. Once the Operations Master role has successfully transferred, click OK to continue.
  7. Ensure the Operations Master box now shows your new 2012 R2 Windows Server.
  8. Repeat steps 4 to 6 for the PDC and Infrastructure tabs.
  9. Once completed, click Close to close the Operations Masters window.
  10. Close the Active Directory Users and Computers window.

Changing the Active Directory Domain Controller

  1. Open the Active Directory Domains and Trusts console on your new Windows Server 2012 R2 computer.
  2. Right click your domain and select Change Active Directory Domain Controller… in the sub menu.
  3. In the Change Directory Server window, select This Domain Controller or AD LDS instance.
  4. Select your new 2012 R2 Windows Server.Dec 15 post 2
  5. Click OK to continue.
  6. Back in the Active Directory Domains and Trusts window, hover over the Active Directory Domains and Trusts found in the folder tree on the left hand side to ensure the server now reflects your new 2012 R2 Windows server.
  7. Right click Active Directory Domains and Trusts found in the folder tree and select Operations Manager… in the sub menu.
  8. In the Operations Master window, click Change to transfer the domain naming master role to the 2012 R2 Windows Server.
  9. When asked if you are sure you wish to transfer the operations master role to a different computer, click yes.
  10. Once the operations master is successfully transferred, click OK to continue.
  11. Click Close to close the Operations Master window.
  12. Close the Active Directory Domains and Trusts console.

 Changing the Schema Master

  1. Open a command prompt in administration view on your new Windows Server 2012 R2 computer.
  2. On the command prompt window, enter regsvr32 schmmgmt.dll and hit enter.
  3. Once completed successfully, click OK to close the RegSvr32 window.Dec 15 post 3
  4. Close the command prompt.

 Add the Active Directory Schema Console from MMC

  1. Open a MMC console on your new Windows Server 2012 R2 computer.
  2. Click File > Add/Remove Snap-in…
  3. In the Add or Remove Snap-ins window, select Active Directory Schema and click the Add > button.Dec 15 post 4
  4. Click OK to continue.

 Change the Schema Master

  1. In the same MMC console, right click Active Directory Schema and select Change Active Directory Domain Controller… in the sub menu.
  2. In the Change Directory Server window, select This Domain Controller or AD LDS instance.
  3. Select your new 2012 R2 Windows Server.
  4. Click OK to continue.
  5. A warning will appear stating that the Active Directory Schema snap-in in not connected. Click OK to continue.
  6. Hover over the Active Directory Schema folder in the folder tree to ensure the new Windows Server 2012 R2 computer is shown.
  7. Now right click Active Directory Schema and select Operations Master… in the sub menu.
  8. In the Change Schema Master window, click Change to transfer the schema master role to the 2012 R2 Windows Server.
  9. When asked if you are sure you wish to transfer the schema master role to a different computer, click yes.
  10. Once the schema master is successfully transferred, click OK to continue.
  11. Click Close to close the Change Schema Master window.
  12. In the MMC, click File > Exit.
  13. When asked to save the console, click No.

Once completed, open the Active Directory Users and Computers console to verify that the Active Directory database successfully replicated to your new Windows Server 2012 R2 computer.  Be aware that the database replication may take some time depending on the number of objects in Active Directory.

 Removing the 2003 Windows Server from the Global Catalog Server

  1. Open Active Directory Sites and Services on your new Windows Server 2012 R2 computer.
  2. Expand the Sites folder, then the Default-First-Site-Name folder, then the Servers folder.
  3. Expand both listed servers. One should be your new Windows Server 2012 R2 and one should be your  Windows Server 2003.
  4. Right click NTDS Settings found under your old 2003 Windows Server.
  5. In the sub menu, select Properties.
  6. Under the General Tab, unselect Global Catalog and then click the Apply button.
  7. Click OK to continue.
  8. Close the Active Directory Sites and Services window.
  9. Verify that your new 2012 R2 Windows Server is running the FSMO role by opening the command prompt in Administrative view and running the following command: Netdom query fsmo.
  10. In the Network and Sharing Center, be sure to change the Preferred DNS server to match the Alternate DNS server, then delete the IP address listed under the Alternate DNS server should it currently be pointed to the old 2003 Windows Server.

All that’s left is to demote the old 2003 Windows server by first adding the new 2012 R2 Windows Server as the Primary DNS, followed by running DCPROMO (which is deprecated in Server 2012) to demote the old 2003 Windows server.

As I stated earlier, this is a basic guide to help you understand what to expect during a Windows Server upgrade. As always, please post your comments and questions below or email me directly.

 

Ryan Ash

 

Ryan Ash
Network Consultant
ryan.ash@customsystems.com

 

 
©Custom Systems Corporation 2014