locked
Server 2003 to 2019, alternative way to migrate users and shares? RRS feed

  • Question

  • We have an old 2003 server that we're switching out with a new server 2019. I am trying to find an alternative way of migrating users and shares to the new servers with as little manual work as possible. There are not that many shared folders to move/copy over but the user part I'd like to automate or partially automate as much as possible.

    Any pointers? Thank you.


    • Edited by eibyer_tn Thursday, March 14, 2019 12:09 AM
    Thursday, March 14, 2019 12:09 AM

Answers

  • Then the simplest would be to migrate rather than building a new domain. This will be a two step process though since you cannot add a 2019 domain controller to a 2003 domain. You also would need to migrate FRS to DFSR.

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting. Then I'd stand up a new 2008 R2 or 2012 R2, patch it fully, (you can use a technet evaluation for this purpose), join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to verify health, when all is good you can decommission / demote old one, raise domain functional level, then do FRS to DFSR migration (DFSR is required for 2019 domain controllers)

    Once done, repeat these steps to add a 2019 domain controller.

    Use dcdiag / repadmin tools to verify health correcting all errors found before starting. Then I'd stand up the new Server 2019, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to verify health, when all is good you can decommission / demote old one.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Marked as answer by eibyer_tn Thursday, March 14, 2019 4:41 PM
    Thursday, March 14, 2019 3:00 PM

All replies

  • Are you asking about local users / workgroup or domain users?

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, March 14, 2019 1:24 AM
  • Hi,

     

    To migrate all user accounts and user settings, please try the following steps:

     

    1. Log on to the source computer as an administrator, and specify the following in a Command-Prompt window:

                  scanstate \\server\share\migration\mystore /i:migdocs.xml /i:migapp.xml /o

    2. Log on to the destination computer as an administrator.

    3. Do one of the following:

    • If you are migrating domain accounts, specify:

                        loadstate \\server\share\migration\mystore /i:migdocs.xml /i:migapp.xml

    • If you are migrating local accounts along with domain accounts, specify:

                       loadstate \\server\share\migration\mystore /i:migdocs.xml /i:migapp.xml /lac /lae

     

    More info:

    Migrate User Accounts

    https://docs.microsoft.com/en-us/windows/deployment/usmt/usmt-migrate-user-accounts

     

    This link contains detail steps how to migrate Windows Server 2003 to Windows Server 2019:

    Migrate from Windows Server 2003 to Windows Server 2019 with Storage Migration

    https://www.virtualizationhowto.com/2018/10/migrate-from-windows-server-2003-to-windows-server-2019-with-storage-migration/

     

    Note: This is a third-party link and we do not have any guarantees on this website. And Microsoft does not make any guarantees about the content.

     

    Hope these are helpful.


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, March 14, 2019 2:07 AM
  • Sorry, I missed that one detail. Domain users.
    Thursday, March 14, 2019 2:47 PM
  • I will give this a try. Thank you.

    The WS2019 server is currently joined in the domain. Once I get the domain users migrated over, what's the easiest way to get the WS2019 to become primary DC since I can't join it as secondary to get promoted?

    Thursday, March 14, 2019 2:50 PM
  • Then the simplest would be to migrate rather than building a new domain. This will be a two step process though since you cannot add a 2019 domain controller to a 2003 domain. You also would need to migrate FRS to DFSR.

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting. Then I'd stand up a new 2008 R2 or 2012 R2, patch it fully, (you can use a technet evaluation for this purpose), join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to verify health, when all is good you can decommission / demote old one, raise domain functional level, then do FRS to DFSR migration (DFSR is required for 2019 domain controllers)

    Once done, repeat these steps to add a 2019 domain controller.

    Use dcdiag / repadmin tools to verify health correcting all errors found before starting. Then I'd stand up the new Server 2019, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to verify health, when all is good you can decommission / demote old one.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Marked as answer by eibyer_tn Thursday, March 14, 2019 4:41 PM
    Thursday, March 14, 2019 3:00 PM
  • I will give this a try. Thank you.

    The WS2019 server is currently joined in the domain. Once I get the domain users migrated over, what's the easiest way to get the WS2019 to become primary DC since I can't join it as secondary to get promoted?

    See my reply above as it addresses this.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.



    Thursday, March 14, 2019 3:01 PM
  • Ah, I was thinking of this yesterday but wasn't sure I'd be able to get a WS2008 trial. I'm going to do this now and I'm glad I started on playing with a Hyper-V last week.

    Thanks! Will update if I run into any more technical issue.

    Thursday, March 14, 2019 3:37 PM
  • Sounds good, you're welcome.

     

    (please don't forget to mark helpful replies as answer)

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, March 14, 2019 3:46 PM
  • Got the WS2012R2 up and running but ran into the error message below when joining it as secondary DC. WS2003 forest/domain level are at 2003.

    A domain controller running Windows Server 2008 or later could not be located in this domain. To install a read-only domain controller, the domain must have a domain controller running Windows Server 2008 or later.

    Edit: Downloading a 2008R2 iso now for the next trial... I'm going to get good at this server install lol.
    • Edited by eibyer_tn Thursday, March 14, 2019 11:03 PM
    Thursday, March 14, 2019 10:54 PM
  • Did you check the health and replication was 100% ? Also check that domain functional level is at 2003

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, March 14, 2019 10:58 PM
  • dcdiag tests all passed and both forest and domain functional level at 2003. 
    Friday, March 15, 2019 2:39 PM
  • If you input the DSRM password can you continue?

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Friday, March 15, 2019 2:45 PM
  • In the docs for adding WS2008 to WS2003 domain, it needed adprep/adprep32 /forestprep and /domainprep -- did I miss that in the WS2012 joining?
    Friday, March 15, 2019 6:28 PM
  • It certainly doesn't hurt to try if you like. With the first 2008 it was required but beginning with 2012 ADPREP has been integrated into the AD DS installation and runs automatically as needed.

    https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/upgrade-domain-controllers-to-windows-server-2012-r2-and-windows-server-2012

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.


    Friday, March 15, 2019 6:36 PM
  • My VM disk for the WS2012 developed some issues so I continued with WS2008R2 and I was able to join it to my existing 2003 domain. I'm a little nervous promoting it to PDC and removing AD DS from the WS2003.

    So let's say I get the WS2008 promotion and WS2003 demotion accomplished, is it possible to leave the File Server role (temporarily) in the WS2003 until I'm sure everything worked out properly?

    Thank you very much for your guidance btw... really appreciated.
    • Edited by eibyer_tn Friday, March 15, 2019 9:02 PM
    Friday, March 15, 2019 9:01 PM
  • Leaving the file server on a member server should not be a problem, in fact it would be a cleaner solution to not mix the roles.

    Ok, new info that you're using 2008 R2; in that case you'll need to do the adprep manually. Also note that Windows Server 2008 R2 includes a 32-bit and 64-bit version of Adprep.exe. The 64-bit version runs by default. If you want to run one of the Adprep.exe commands on a 32-bit computer, use the 32-bit version of Adprep.exe (Adprep32.exe).

     More info here.

    https://blogs.technet.microsoft.com/askds/2008/11/11/so-you-want-to-upgrade-to-windows-2008-domain-controllers-adprep/

     or it may be simpler to download 2012 R2 from the evaluation center

    https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Friday, March 15, 2019 9:11 PM
  • Hello again,

    I've been waiting for good timing to demote the WS2003 but just noticed that my WS2008R2 evaluation expired prematurely. Any idea what caused that? That's barely 11 days since I installed it.


    Edit: Ah, I guess some folks have ran into this before already... I'm going to try their suggestion before I reinstall.
    • Edited by eibyer_tn Monday, March 25, 2019 2:34 PM
    Monday, March 25, 2019 2:31 PM
  • I've been waiting for good timing to demote the WS2003 but just noticed that my WS2008R2 evaluation expired prematurely. Any idea what caused that? That's barely 11 days since I installed it.

    Its been a long time since I worked with 2008 R2 evaluations but on newer server OS evaluations (180 day) they must have an internet connection at least for long enough for the activation process to complete otherwise the evaluation ends in ten days and the OS begins to reboot hourly.

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Monday, March 25, 2019 2:40 PM
  • Just reporting back that I successfully moved from WS2003 to WS2008R2 to WS2019. It was a little nerve wracking transferring the FSMO roles as I've not done that before. Then changing from FRS to DFS before I can join the WS2019 to WS2008R2.

    One thing left to do is move the files over to the new machine as the old box is pretty hefty and takes too much space. I found a robocopy batch file from another post and will use that to move the files over tonight.

    My users shares are mapped in \\server-name\share format. Does anyone see any issues renaming the new WS2019 to the name of the old WS2003 machine after I move all of the files? I've already reclaimed the IP of the old server.

    Thursday, March 28, 2019 10:31 PM
  • You can follow along here to rename

    https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc794951(v=ws.10)

    or may be simpler to just add an alias.

    https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc772053(v=ws.11)

     

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, March 28, 2019 10:41 PM