Active Directory Migration
-
Scott - do I recall correctly - Windows licensing allows you to install full Windows locally - install Hyper-V service, then install 2 VMs (as long as the base install is only used to manage the VMs)?
Assuming that's right, do that.
Install the Hyper-V service in 2012 R2 as it stands, then create at least one VM, install 2012 R2 into that. Join the domain, move the data from the hardware installed OS to the VM, make sure it all works.
Make sure all other services that SBS provides - DNS, DHCP, SharePoint, Exchange, etc are moved to the new VM (those that you are using of course), promote the VM to a DC, decom the SBS box.Transferring AD from one server to another is super easy. Of course you start by having two Domain Controllers.
When you correctly demote the old server, it will send all needed info to the newer DC, and it will be in charge now.
It's almost that simple. The step by step is a bit more, but not much.Though - you'll want to update your DHCP with the DNS address of your new DC several days before you do this to ensure that info is passed around to all clients.
-
@Joel said:
If I promote as a DC what happens to the 2003 as that point - you say I have a few days but whats the technicals behind what happens when you promote another new DC on the network?
Once you promote another DC to the Forest Root, SBS disables. SBS cannot exist with another DC owning the forest. It will not be joined to the domain, it will be effectively useless. It won't catch on fire or burn up the data. But it will suck if you want it to still do anything.
-
@Dashrender said:
Scott - do I recall correctly - Windows licensing allows you to install full Windows locally - install Hyper-V service, then install 2 VMs (as long as the base install is only used to manage the VMs)?
Assuming Server 2012 R2 Standard, yes.
-
So the best option would be to move the file share to a new VM. Then promote the new DC. Then let the SBS server lockup?
-
@Joel said:
Would you suggest 1st step I install Hyper V on the new 2012 server, then backup the data on the SBS. Then create a VM on the 2012 and promote that as a DC?
- Install Hyper-V
- Create two VMs (one for AD, one for FS)
- Join AD to the Domain
- Remove AD on the old instance with only SBS and this new AD VM remaining
- Migrate all file shares to the new FS VM
- Turn off everything but AD on the SBS machine
- Promote the 2012 R2 AD VM to forest root
- Have bonfire and roast marshmallows around the burning remains of the SBS box
-
@scottalanmiller said:
@Joel said:
Would you suggest 1st step I install Hyper V on the new 2012 server, then backup the data on the SBS. Then create a VM on the 2012 and promote that as a DC?
- Install Hyper-V
- Create two VMs (one for AD, one for FS)
- Join AD to the Domain
- Remove AD on the old instance with only SBS and this new AD VM remaining
- Migrate all file shares to the new FS VM
- Turn off everything but AD on the SBS machine
- Promote the 2012 R2 AD VM to forest root
- Have bonfire and roast marshmallows around the burning remains of the SBS box
I actually LOL'd at the last comment
That leaves me to ask - How do I remove AD on the old SBS? I cant recall!!! (point 4 above)
When I promote the 2012 to Forest root, will that migrate the AD info? -
Do a dcpromote just to be sure, but the forest root move should trigger it anyway.
-
I would start by removing the new server again and formatting it.
Install Hyper-V server
Join to domain
Create new VM1
Join VM1 to domain
Make VM1 a DC
Create VM2
Join VM2 to domain
Move shares to VM2
Move DHCP to VM1
Shut down SBS and confirm everything works
Turn SBS on, and transfer FSMO to VM1
Remove SBS from domain
Turn off box
Burn box -
@JaredBusch said:
I would start by removing the new server again and fiormatting it.
Install Hyper-V server
Join to domain
Create new VM1
Join VM1 to domain
Make VM1 a DC
Create VM2
Join VM2 to domain
Move shares to VM2
Move DHCP to VM1
Shut down SBS and confirm everything works
Turn SBS on, and transfer FSMO to VM1
Remove SBS from domain
Turn off box
Burn boxFrom what @scottalanmiller is saying once you join another DC to a SBS domain the SBS server refuses to work correctly. Meaning you could potentially lose the file share etc.
-
@JaredBusch said:
I would start by removing the new server again and fiormatting it.
What's "fiormatting"?
-
You do get something like 21 days before SBS will disable itself. It's not Promote second DC and BAM, the SBS crashes. You do get some time to migrate the rest of stuff off.
-
@coliver said:
From what @scottalanmiller is saying once you join another DC to a SBS domain the SBS server refuses to work correctly. Meaning you could potentially lose the file share etc.
No, that is not what @scottalanmiller said, nor is it how SBS works.
SBS must be the FSMO role holder. That is the only requirement to keep a SBS server functioning correctly.
You can join and remove as many other DC's as you want.
This is not knew and is how SBS worked for its entire lifespan from SBS2003 through SBS2011
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
Agree with virtualizing.
What the "old guy" did is not that bad. He put in a new DC, he just did not decom the old system. As there are only two systems, I would not have expected him to, really.
Is the current system much of a problem? I would consider holding off on a new install until 2016 is available if it is not a major concern right now.
How does he get 2016 though? I'm assuming they bought either an OEM 2012 license with the hardware, or less likely, they bought a FPP license. They'd have to buy an upgrade to move to 2016.
By waiting.
The purchase was already made.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
Agree with virtualizing.
What the "old guy" did is not that bad. He put in a new DC, he just did not decom the old system. As there are only two systems, I would not have expected him to, really.
Is the current system much of a problem? I would consider holding off on a new install until 2016 is available if it is not a major concern right now.
How does he get 2016 though? I'm assuming they bought either an OEM 2012 license with the hardware, or less likely, they bought a FPP license. They'd have to buy an upgrade to move to 2016.
By waiting.
The purchase was already made.
Exactly. This is already owned equipment/licensing.
-
@JaredBusch said:
I would start by removing the new server again and formatting it.
Install Hyper-V server
Join to domain
Create new VM1
Join VM1 to domain
Make VM1 a DC
Create VM2
Join VM2 to domain
Move shares to VM2
Move DHCP to VM1
Shut down SBS and confirm everything works
Turn SBS on, and transfer FSMO to VM1
Remove SBS from domain
Turn off box
Burn boxI agree, start fresh. If nothing critical is there, do this 100% fresh with 100% "known to you" and documented.
-
@JaredBusch said:
I would start by removing the new server again and formatting it.
Install Hyper-V server
Join to domain
Create new VM1
Join VM1 to domain
Make VM1 a DC
Create VM2
Join VM2 to domain
Move shares to VM2
Move DHCP to VM1
Shut down SBS and confirm everything works
Turn SBS on, and transfer FSMO to VM1
Remove SBS from domain
Turn off box
Burn boxThis means he needs another place to put the data that was moved to this server in the mean time.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
Agree with virtualizing.
What the "old guy" did is not that bad. He put in a new DC, he just did not decom the old system. As there are only two systems, I would not have expected him to, really.
Is the current system much of a problem? I would consider holding off on a new install until 2016 is available if it is not a major concern right now.
How does he get 2016 though? I'm assuming they bought either an OEM 2012 license with the hardware, or less likely, they bought a FPP license. They'd have to buy an upgrade to move to 2016.
By waiting.
The purchase was already made.
Oh, of the OS as well, right. Makes sense. Sorry.
-
@Dashrender said:
This means he needs another place to put the data that was moved to this server in the mean time.
Yes, he can simply move it back to the original server.
The problem with keeping the existing server as setup is that it has other roles and those roles means that it takes one of the licenses.
@Joel It is an all around bad setup. Tell the client honestly how f[moderated] up it is. Tell them they were taken for a ride. Tell them you can fix it. Tell them how much time it will take and get money up front. It is not your fault they have to throw good money after bad. That is why they are looking for you anyway.
-
Was it the best option, no of course not, but was it really so horrible either? not really.
What roles does the other server have right now other than file server? Even if it is a DC, that's easily fixed, just DCPROMO it down - problem solved.
Granted, I'm totally for the scrap and start over - the current situation also isn't the end of the world.
Another question - What type of backup solution does this potential client have? how much data is on the server?
What makes anyone think the old server is dieing?
