Single-Domain Migration

BDCs and Member Servers
After you migrate your PDC, that machine will emulate a PDC under Win2K to permit interoperation with the BDCs and member servers you haven't yet migrated to Win2K. When you migrate your remaining servers, begin with the BDCs. To begin the migrations, insert the Win2K Server CD-ROM, then choose Upgrade or run winnt32.exe from the CD-ROM's \i386 directory. Win2K Server installation proceeds as it did for your PDC and eventually logs on as Administrator and starts Dcpromo.

Dcpromo is intelligent. It recognizes whether your server was a BDC or a member server and, as Figure 5 shows, asks whether you want to run the system as a DC or a member server in your Win2K network. If you choose the Leave as a member server option, you exit the wizard immediately—the servers you designate as member servers will inherit their previous domain memberships, so they'll automatically migrate to your AD domain. However, because I recommend having at least two Win2K DCs, I suggest you instead select the Make a domain controller option when you migrate your NT network's first BDC.

The PDC and BDC migration processes are similar. Dcpromo needs to know your DNS server's location and requires a username and password for accessing account data from the first DC you migrated (i.e., your former PDC). Dcpromo then replicates this account data from the first DC you migrated to the server you're currently migrating. Dcpromo's wizard also asks for some of the same information that it needed to migrate your former PDC (e.g., where to store the AD database and SYSVOL directory). When you enter this information, use the same guidelines you used for PDC migration.

Finishing Touches
Before you're finished, you need to consider your network workstations' OSs and their configurations, then make the necessary changes to these workstations. You'll likely need to reconfigure your workstations to send their DNS name resolution requests to your network's new host DNS server. To migrate completely to Win2K, you eventually need to kill WINS and rely solely on your network's DNS server for internal name resolution.

I recommend letting your internal DNS server handle your clients' external name resolution requests as well. If you follow this recommendation, you need to configure your DNS server as a forwarder. A forwarder sends external requests that it can't resolve to your ISP's DNS servers. When the request is for a legitimate host name, your ISP's DNS servers can resolve the request and pass the IP address to your internal DNS server. Your internal DNS server receives the answer and passes it to the client machine that requested the name. When the process works correctly, it's faster and requires less overhead than you might expect. For more information about forwarders, see "DNS and Active Directory."

Native Mode
For downlevel compatibility with NT systems, Win2K installations default to mixed mode. This mode lets Win2K DCs act like NT PDCs: The DC can send PDC-emulating messages out on the network and respond to PDC-targeted requests, such as requests for the domain master browser. However, you ultimately want to switch to native mode. Only in native mode can you take advantage of features such as multimaster replication. This mode switch is the last step in a complete Win2K migration.

You can't undo a move to native mode, so as a test-run, I recommend manually stopping the WINS service for several workdays before you make the switch. If users have name-resolution problems, restart the WINS service and diagnose the problem. Before you switch to native mode, you need to make sure that none of your internal systems depend on NT-style name resolution and that your network functions solely and reliably on DNS name resolution. If your network functions as usual after you stop WINS, you've most likely done everything you need to do to make the permanent switch to native mode.

When you're ready, use any DC's MMC Active Directory Domains and Trusts snap-in to make the switch to native mode. Right-click your domain, and open the Properties page. In the General tab's Domain Mode area, click Change Mode. After you click through a few confirmation dialog boxes, the irrevocable shift from mixed to native mode begins. Your DCs will communicate with one another for a while, then your domain's servers will be 100 percent Win2K.

Reap the Rewards
Of course, a migration demands plenty of additional obligatory tasks, such as cleaning up the user database, group memberships, and share permissions. Overall, however, a single-domain migration to Win2K is fairly painless. And moving all the way to native mode significantly increases your network's stability, reliability, and manageability.