1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Upgrading a domain to W2008

Discussion in 'Active Directory Exams' started by Phoenix, Jun 14, 2007.

Click here to banish ads and support Certforums by becoming a Premium Member
  1. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    I took the plunge the other day and upgraded my domain to a Windows 2008 domain, a pretty straightforward process for anyone who has done a 2000 - 2003 migration, I just wanted to jot down a few points for those who might never of done these things before :)

    Firstly, before you can add a Windows Server 2008 domain controller, you have to prepare your existing AD for the inclusion of the new DC, now the new DC has some added bells and whistles so the Schema needs to be updated to be able to deal with this

    we run the following command on the current schema master for the forest root domain

    adprep.exe /forestprep

    this will prepare the forest with the required schema updates
    *be aware that if you have an x86 DC at present you can not use adprep.exe from the x64 CD as it will not work, you must use the x86 CD to perform this upgrade

    next you must upgrade every domain that you wish to place windows server 2008 DCs in, for most people this will likely be a single domain

    adprep.exe /domainprep

    this will make your domain ready to accept Windows server 2008 domain controllers
    technically, your domain is now a Windows Server 2008 domain, as all schema and domain updates have occurred, however you have no DC to make use of any of the new schema objects and features

    now onto the fun part

    in our Windows server 2008 system we have a number of roles we can add from Server Manager
    we want to add the Active Directory Domain Services role, once this is complete we can go ahead and upgrade the server to a domain controller

    Again in Server manager, we navigate to the roll and there will be lots of red marks, at the top there will be a message saying this system has not yet been promoted to a domain controller, click the link to resolve this by performing a dcpromo

    The wizard is much like the 2k3 wizard, with a few bells and wishes, you will notice a checkbox on the first page of the wizard to use 'advanced mode' i did this so can't comment on the 'non advanced mode' installation

    the wizard itself is straightforward enough, it informed me that I could not install a Read Only Domain Controller at this time due to some prerequisite tasks having not been performed

    not a major problem for me as I did not want a RODC anyway :)

    Once the wizard completes, a reboot is required as expected, and a new Windows Server 2008 DC is born!

    Now the next step for me is to transfer my FSMO roles and remove the windows 2003 DC from my network
    with this complete I can probably upgrade to some flashy native mode I assume (isn't that always the way? lol)

    This also means I will get rid of my last remaining physical server (apart from my firewall)
    everything now runs on my VMware ESX Farm (running ESX 3.01)

    The windows server 2008 firewall looks spanky good too, more on that when I play some more :)
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  2. Tinus1959

    Tinus1959 Gigabyte Poster

    Starting to study for the 2008 server just yesterday.
    Thanx for this write up!
    Certifications: See my signature
  3. wagnerk
    Highly Decorated Member Award

    wagnerk aka kitkatninja Moderator

    Hi Mate, can I assume that you're running the beta version? Cause if you are and you've upgraded a live domain/forest and it works, then I'll do the same (soon).

    Certifications: CITP, PGDip, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: MSc in Tech Management
  4. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    I cant really say its a 'live' system, its my home domain, which is used quite extensively for everything from VPN access to authenticated proxy rules, cant say it would be a major bust if it stopped working for a while though

    I wouldnt recommend using it in a corporate live environment yet though
    Certifications: MCSE, MCITP, VCP
    WIP: > 0

Share This Page