PlayUKlottery.com - win up to 42 million Pounds
Lesson 3: Upgrading Domain Controllers and Member Servers

Cover
LOC Page
About This Book
Chapter and Appendix Overview
Getting Started
The Microsoft Certified Professional Program
Technical Support
Chapter 1 -- The Microsoft Windows 2000 Platform
Lesson 1: Overview of the Windows 2000 Platform
Lesson 2: Windows 2000 Professional
Lesson 3: Windows 2000 Server
Lesson 4: Windows 2000 Advanced Server and Windows 2000 Datacenter Server
Review
Chapter 2 -- Installing Windows 2000
Lesson 1: Preparing to Install
Lesson 2: Installing Windows 2000 from a CD-ROM
Lesson 3: Installing Windows 2000 over the Network
Lesson 4: Troubleshooting Windows 2000 Setup
Review
Chapter 3 -- Configuring the DNS Service
Lesson 1: Understanding DNS
Lesson 2: Resolving Names
Lesson 3: Installing the DNS Service
Lesson 4: Configuring the DNS Service
Lesson 5: Configuring a DNS Client
Lesson 6: Troubleshooting the DNS Service
Review
Chapter 4 -- Implementing Active Directory Directory Services
Lesson 1: Introduction to Active Directory Directory Services
Lesson 2: Active Directory Structure and Site Replication
Lesson 3: Active Directory Concepts
Lesson 4: Introduction to Planning
Lesson 5: Installing Active Directory Directory Services
Lesson 6: Configuring Active Directory Replication
Review
Chapter 5 -- Administering Active Directory Directory Services
Lesson 1: Creating Organizational Units
Lesson 2: Creating User and Computer Accounts
Lesson 3: Managing Groups
Lesson 4: Controlling Access to Active Directory Objects
Review
Chapter 6 -- Managing Desktop Environments with Group Policy
Lesson 1: Understanding Group Policy
Lesson 2: Applying Group Policy
Lesson 3: Configuring Group Policy
Review
Chapter 7 -- Managing Software by Using Group Policy
Lesson 1: Introducing the Software Installation and Maintenance Technology
Lesson 2: Deploying Software
Lesson 3: Upgrading Software
Lesson 4: Managing Software
Review
Chapter 8 -- Managing File Resources
Lesson 1: Sharing and Publishing File Resources
Lesson 2: Administering Shared Folders by Using Dfs
Lesson 3: Using NTFS Special Access Permissions
Lesson 4: Managing Disk Quotas on NTFS Volumes
Lesson 5: Increasing Security with EFS
Lesson 6: Using Disk Defragmenter
Review
Chapter 9 -- Configuring Remote Access
Lesson 1: Understanding the New Authentication Protocols in Windows 2000
Lesson 2: Configuring Inbound Connections
Lesson 3: Configuring Outbound Connections
Lesson 4: Examining Remote Access Policies
Lesson 5: Creating a Remote Access Policy
Review
Chapter 10 -- Supporting DHCP and WINS
Lesson 1: New DHCP Functionality
Lesson 2: New WINS Functionality
Review
Chapter 11 -- Managing Disks
Lesson 1: Introduction to Disk Management
Lesson 2: Common Disk Management Tasks
Review
Chapter 12 -- Implementing Disaster Protection
Lesson 1: Using Fault-Tolerant Volumes
Lesson 2: Using Advanced Startup Options
Lesson 3: Using the Recovery Console
Lesson 4: Using the Backup Utility
Lesson 5: Performing an Emergency Repair
Review
Chapter 13 -- Upgrading a Network to Windows 2000
Lesson 1: Planning a Network Upgrade
Lesson 2: Establishing the Root Domain
Lesson 3: Upgrading Domain Controllers and Member Servers
Lesson 4: Upgrading Client Operating Systems
Review
Chapter 14 -- Using Remote Installation Services
Lesson 1: Performing Remote Installations
Lesson 2: Creating Distribution Servers
Review
Appendix A -- Questions and Answers
Appendix B -- Creating Setup Disks
About This Electronic Book
About Microsoft Press


[Previous] [Next]

Lesson 3: Upgrading Domain Controllers and Member Servers

In Windows NT 4.0, the PDC and the BDCs authenticate domain logons and maintain the directory database for the domain. You upgrade domain controllers and member servers running previous versions of Windows NT to either Windows 2000 Server or Windows 2000 Advanced Server. Once you upgrade all of your domain controllers to Windows 2000, you can take full advantage of the enhanced administrative features offered in Windows 2000 by switching the domain from mixed mode to native mode. This allows the domain to fully use the new features of Active Directory directory services.

After this lesson, you will be able to

  • Explain how to upgrade domain controllers to Windows 2000.

  • Explain how to upgrade and promote member servers to Windows 2000.

Estimated lesson time: 25 minutes

Identifying Server Upgrade Paths

You upgrade domain controllers and member servers running previous versions of Windows NT to either Windows 2000 Server or Windows 2000 Advanced Server. Table 13.1 lists the upgrade paths for server operating systems.

Table 13.1 Windows 2000 Upgrade Paths for Member Servers

Upgrade from Upgrade to
PDC or BDC running Windows NT Server 3.51 or 4.0 Domain controller, Windows 2000 Server, or Windows 2000 Advanced Server.
Member server running Windows NT Server 3.51 or 4.0 Windows 2000 Server or Windows 2000 Advanced Server. After the upgrade, you can change it to a domain controller if required.
Windows NT Advanced Server 3.1, Windows NT Server version 3.5 Windows NT Server, version 3.51 or 4.0 first, then upgrade to Windows 2000 Server or Windows 2000 Advanced Server.

Upgrading Domain Controllers

In Windows 2000 networks, all domain controllers running Windows 2000 have equal status in the domain. When you upgrade Windows NT 4.0 or 3.51 PDCs and BDCs to Windows 2000, there is no longer a distinction between PDCs and BDCs. Instead, they become peer domain controllers.

Upgrading Member Servers

You also upgrade member servers running Windows NT Server 3.51 and 4.0 to Windows 2000. This allows them to take advantage of Active Directory directory services. You can promote these member servers to domain controllers as necessary.

Preparing to Upgrade

Before you start the upgrade process, there are a couple of things you need to do to prepare to upgrade your domain controllers and member servers. First of all, make sure that all your computers meet the minimum hardware requirements for Windows 2000 Server and Advanced Server. Then prepare a rollback strategy in case there are any upgrade problems. Finally prepare the domain controllers and member servers for the upgrade.

Identifying the Minimum Hardware Requirements

Before you upgrade a domain controller or a member server to Windows 2000, make sure that the computers on the network meet the minimum hardware requirements. Table 13.2 describes the hardware requirements.

Table 13.2 Windows 2000 Server Minimum Hardware Requirements

Hardware Minimum requirements
Processor Intel Pentium 166 MHz or higher Compaq Alpha AXP
Memory Pentium-based: 64 MB for member servers, 128 MB or higher for domain controllers
Compaq Alpha-based: 96 MB for member servers, or 128 or higher for domain controllers
Hard Disk Up to 1.2 GB of free space on the boot partition, depending upon the file system, and 6 MB of free space on the system partition.
Video VGA or higher video card and monitor.
Other Components Compact disc installation: CD-ROM or DVD-ROM drive.
Networking Network adapter card and related cables.
Accessories Keyboard and mouse or other pointing device.

Creating a Rollback Strategy

To create a rollback strategy, preserve one BDC with the current directory database. To do this, synchronize a BDC with the PDC, and then take the fully synchronized BDC offline. Keep this BDC available until you are certain the upgrade is successful. If problems occur during the upgrade, you can reinstate the offline BDC, promote it to a PDC, and recover your system state.

Preparing the Domain Controllers and Member Servers

There are some steps you should do to prepare your domain controllers and member servers to be upgraded. Before you start the Windows 2000 Setup wizard, you should do the following:

  1. Remove any virus scanners, third-party network service, or client software. Read the Release Notes file (Relnotes on the Windows 2000 CD-ROM) for information about any known problems with specific applications.

  2. Disconnect the serial cable that connects an uninterruptible power supply (UPS) device. During setup, Windows 2000 attempts to detect devices connected to serial ports, which can cause problems with UPS equipment.

  3. If your system contains Industry Standard Architecture (ISA) devices that are non-Plug and Play, set your system basic input/output system (BIOS) to reserve all interrupt requests (IRQs) currently in use by non-Plug and Play ISA devices. Failure to do so might result in the error message INACCESSABLE_BOOT_DEVICE. In some cases, the non-Plug and Play ISA devices might not function.

Upgrading a Primary Domain Controller

You upgrade the PDC to Windows 2000 first, and then use the Active Directory Installation wizard to configure the new domain.

Upgrading the Domain Controller

To complete the domain controller upgrade process, you would do the following:

  1. If you are upgrading from a CD-ROM, insert the Windows 2000 CD-ROM into the CD-ROM drive. The Windows 2000 Setup wizard starts automatically.

    2. If you are upgrading from the network, run Winnt32.exe, which is located in the shared folder that contains the Windows 2000 installation files.

  2. The setup program upgrades the operating system.

  3. The computer reboots and automatically logs on as Administrator.

  4. The Active Directory Installation wizard automatically runs.

  5. Configure the new domain using the guidelines explained below.

Configuring the Domain

When the setup program finishes, the computer restarts and Windows 2000 automatically logs on as Administrator. The Active Directory Installation wizard (Dcpromo.exe) starts and helps you to configure the new domain environment and to migrate user, group, and computer accounts to Active Directory directory services.

To use the Active Directory Installation wizard to configure the new domain environment, follow the on-screen instructions. When prompted, select the appropriate configuration options.

Table 13.3 describes the configuration options in the Active Directory Installation wizard when configuring a domain environment:

Table 13.3 Windows 2000 Upgrade Paths for Member Servers

Select this option If you are upgrading
Domain Controller For A New domain A PDC. This option creates a new Windows 2000 domain.
Create A New Domain Tree
or
Create A New Child Domain In An Existing Domain Tree 		A PDC in the first Windows 2000 domain in a tree.

A PDC in a new domain in an existing tree
Create A New Forest Of Domain Trees
or
Place This New Domain Tree In An Existing Forest		 A PDC in a new domain in an existing tree.

A PDC in a new domain tree in an existing forest. This option enables users to access resources in the other trees.

Practice: Upgrading a Windows NT 4.0 Primary Domain Controller to Windows 2000

In this practice, you upgrade a computer running Windows NT 4.0 server that is configured as a Primary Domain Controller (PDC) to Windows 2000 Server using a CD-ROM. You install Active Directory directory services, create a new Windows 2000 domain, and install DNS on this computer. You will then use the Active Directory Users and Computers snap-in to view your domain controller.

NOTE
DNS should not already be installed on this computer. TCP/IP should be the only network protocol installed on this computer. The TCP/IP address being used should be static.

  • To upgrade a Windows NT 4.0 PDC to Windows 2000 Server

    1. Log on to the PDC as Administrator.

    2. Insert the Windows 2000 Server CD-ROM into the CD-ROM drive.

      3. A Microsoft Windows 2000 CD message box appears indicating that the CD-ROM contains a newer version of Windows than the one you are presently running and asks if you would like to upgrade to Windows 2000.

    3. Click Yes to begin the upgrade.

      4. Setup displays the Welcome To The Windows 2000 Setup Wizard screen.

    4. Ensure that Upgrade To Windows 2000 (Recommended) is selected, and then click Next to continue.

      5. Setup displays the License Agreement screen.

    5. Read the license agreement, click I Accept This Agreement, and then click Next to agree with the licensing terms.

      6. The Upgrading To The Windows 2000 NTFS File System dialog box appears asking you if you want Setup to upgrade the drive to NTFS.

    6. Click Yes, Upgrade My Drive, and then click Next.

      7. The Report System Compatibility screen appears and lists any items found that are not compatible with Windows 2000.

    7. Review the information provided on the Report System Compatibility screen, and then click Next.

      8. Setup copies some installation files and then restarts the computer.

      Setup loads some additional files, and then Windows 2000 starts.

      Setup copies files to the Windows 2000 installation folders. This may take several minutes.

      Setup initializes your Windows 2000 configuration and then restarts the computer a second time.

      Setup detects and installs devices on the computer. This may take several minutes.

      Setup installs the Networking components.

      Setup installs the Windows 2000 components.

      Setup performs the final tasks: Installing Start menu items, Registers components, Saves Settings, and Removes any temporary files used.

      Setup restarts your computer. The Welcome To The Active Directory Installation wizard appears.

  • To install Active Directory

    1. On the Welcome To The Active Directory Installation Wizard screen, click Next.

      2. The Create Tree Or Child Domain page appears.

    2. Ensure that Create A New Domain Tree is selected, and then click Next.

    NOTE
    If you want to create a child domain in an existing Windows 2000 domain, select Create A New Child Domain In An Existing Domain.

      The Create Or Join Forest page appears.

    1. Ensure that Create A New Forest Of Domain Trees is selected, and then click Next.

      2. The Install Or Configure DNS page appears.

    NOTE
    DNS should not already be installed on the computer. In this exercise we are going to install DNS on the computer you are upgrading.

    1. Ensure that No, Just Install And Configure DNS On This Computer is selected, and then click Next.

      2. The New Domain Name page appears.

    2. In the Full DNS Name For New Domain box type domain.com and then click Next.

    NOTE
    If you are on a network, check with your network administrator to make sure it is OK to use this as your DNS domain name.

      Setup displays the Database And Log Locations page.

    1. Ensure that C:\Winnt\NTDS is in both the Database Location box and the Log Location box, and then click Next.

    NOTE
    If your PDC did not have Windows NT 4.0 installed in the default location of C:\Winnt both locations should default to the Ntds folder in the folder containing the Windows NT 4.0 installation that you upgraded to Windows 2000.

      The Shared System Volume page appears.

    1. Ensure that C:\Winnt\SYSVOL is in the Folder Location box, and then click Next.

    NOTE
    If your PDC did not have Windows NT 4.0 installed in the default location of C:\Winnt the Folder Location box should default to the SYSVOL folder in the folder containing the Windows NT 4.0 installation that you upgraded to Windows 2000. The SYSVOL folder must be located in a Windows 2000 NTFS volume.

      The Permissions page appears.

    1. Click to select Permissions Compatible Only With Windows 2000 Servers, and then click Next.

    NOTE
    If your computer is on a network containing computers running something other than Windows 2000, you would select Permissions Compatible With Pre-Windows 2000 Servers.

      The Directory Services Restore Mode Administrator Password page appears. This allows you to specify a password for this server's Administrator account.

    1. Type password in the Password and Confirm Password boxes.

      2. The Summary page appears.

    2. Review the information contained on the summary page, and then click Next to continue.

      3. The wizard installs and configures DNS and Active Directory. This may take several minutes.

    3. When the Completing The Active Directory Installation Wizard page appears, read the information on The Active Directory Installation page, remove the CD-ROM from the CD-ROM drive, and then click Finish.

    NOTE
    This domain controller is assigned to the site "Default-First-Site-Name".

      An Active Directory Installation Wizard message box appears indicating that Windows must be restarted before the changes made by the Active Directory Installation Wizard take effect.

    1. Click Restart Now.

      2. The computer restarts.

  • To use the Active Directory Users and Computers snap-in to view your domain controller

    1. Log on to the domain controller as Administrator with a password of password.

      2. The Microsoft Windows 2000 Configure Your Server screen appears.

    2. Close the Microsoft Windows 2000 Configure Your Server window.

    3. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users And Computers.

      4. The Active Directory Users And Computers window appears.

    4. Expand domain.com.

    NOTE
    If you did not use domain.com for your domain name, double-click your domain name.

    1. In the console tree, click Domain Controllers.

      2. Notice that Server1 appears in the details pane.

    NOTE
    If you did not use Server1 as your server name, the name of your server appears in the details pane.

    1. Close the Active Directory Users And Computers window.

    Upgrading Backup Domain Controllers

    After you upgrade the PDC for the domain to Windows 2000, you upgrade the BDCs to Windows 2000. You use the same process to upgrade BDCs as you do to upgrade PDCs. Start the Windows 2000 Setup wizard to begin the installation process. Follow the onscreen instructions to complete the upgrade.

    After the operating system upgrade is complete, the Active Directory Installation wizard runs to allow you to configure the domain. To complete the upgrade, select the Additional Domain Controller In Existing Domain option in the Active Directory Installation wizard. This adds the upgraded computer to the existing domain as a domain controller.

    NOTE
    The Windows 2000 Setup wizard will not let you upgrade a BDC until after the PDC has been upgraded. The Setup wizard checks the operating system version of the PDC before starting the upgrade to verify the PDC upgrade has already occurred.

    When you upgrade a BDC, you must ensure that the system clock on the BDC is synchronized with the system clock on the domain controllers in your network. The Active Directory Installation wizard prompts you for an administrative username and password that is used to add the additional domain controller to the domain. If the difference in the system clocks is too great, the user account you specify will not be accepted, and you will be unable to join the domain.

    Switching from Mixed to Native Mode

    After you upgrade all domain controllers on your network, you switch the domain from mixed mode to native mode. This allows the network to take full advantage of Windows 2000 functionality.

    Understanding Mixed Mode

    When you first create a domain, the domain runs in mixed mode. A mixed mode domain enables Windows 2000 domain controllers to interact with other domain controllers that are running versions of Windows NT Server. Domain controllers running versions of Windows NT are referred to as downlevel domain controllers.

    In mixed mode

    • The domain still uses the upgraded PDC as the domain master for replication with BDCs running Windows NT Server 3.51 or 4.0.

    • Computers upgraded from Windows NT Workstation 4.0 or Windows NT Server 4.0 continue to use Windows NT 4.0 system policy.

    • Group functionality new to Windows 2000 Server, such as the ability to nest groups, is not available.

    Understanding Native Mode

    After you upgrade all the domain controllers, and if you do not plan to add any additional downlevel domain controllers to the domain, you can switch the domain to native mode. A native mode domain contains only Windows 2000 Server domain controllers.

    In native mode

    • The PDC is no longer the domain master for replication. Instead, all domain controllers replicate with each other as peers.

    • Windows NT Server 3.51 or 4.0 domain controllers cannot function in a native Windows 2000 domain.

    • Computers upgraded from Windows NT Workstation 4.0 or Windows NT Server 4.0 use Windows 2000 group policy instead of Windows NT 4.0 system policy.

    • Group functionality new to Windows 2000 becomes available.

    Switching the Domain to Native Mode

    To switch domain controllers from mixed to native mode, you would do the following:

    1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Domains And Trusts.

    2. Expand your domain and then open the properties for your_domain.

    3. On the General page, click Change Mode.

      4. The Active Directory Service displays a warning stating that once you change the domain mode to native mode, you cannot change back to mixed mode.

    4. Click Yes, and then click OK to close the properties page for your_domain.

    NOTE
    After switching to native mode, Windows 2000 might prompt you to restart all domain controllers in your domain. If you get this message, you do not need to restart any domain controllers. This is a limitation in pre-release versions of Windows 2000.

    Upgrading and Promoting Member Servers

    You can upgrade your member servers to Windows 2000 before, during, or after the domain upgrade process. In addition, you can promote member servers to domain controllers after the operating system upgrade, as necessary.

    Upgrading a Member Server to Windows 2000

    To upgrade the member server to Windows 2000, insert the CD-ROM and follow the on-screen instructions to complete the upgrade. After the upgrade, the member server will still be a member of its domain or workgroup. During an upgrade, local user and group accounts are stored in the registry of the member server and do not get moved to Active Directory directory services.

    NOTE
    When you upgrade a member server that is running the DHCP Service, be sure to authorize the DHCP Service in Active Directory directory services, or the service will not start. Servers running the DHCP Service are not automatically authorized when upgraded to Windows 2000.

    Promoting a Member Server to a Domain Controller

    To promote a member server to a domain controller, run Dcpromo.exe after upgrading to Windows 2000.

    When you promote the domain controller, local user and group accounts on the member server are moved to Active Directory directory services. This maintains the permissions previously assigned to resources on that server.

    Lesson Summary

    You upgrade domain controllers and member servers running previous versions of Windows NT to either Windows 2000 Server or Windows 2000 Advanced Server. All domain controllers running Windows 2000 have equal status in the domain. When you upgrade Windows NT 4.0 or 3.51 PDCs and BDCs to Windows 2000, there is no longer a distinction between PDCs and BDCs. Instead, they become peer domain controllers.

    You also upgrade member servers running Windows NT Server 3.51 and 4.0 to Windows 2000. This allows them to take advantage of Active Directory directory services. You can promote these member servers to domain controllers as necessary.

    Before you start the upgrade process, make sure that all your computers meet the minimum hardware requirements for Windows 2000 Server and Advanced Server. You should also prepare a rollback strategy in case there are any upgrade problems and prepare the domain controllers and member servers for the upgrade.

    After you upgrade all domain controllers on your network, you switch the domain from mixed mode to native mode. This allows the network to take full advantage of Windows 2000 functionality. When you first create a domain, the domain runs in mixed mode. A mixed mode domain enables Windows 2000 domain controllers to interact with other domain controllers that are running versions of Windows NT Server.