Вы находитесь на странице: 1из 27

The Smoke and Mirrors of Server Upgrades

Prepared by John Croson


Contents
Introduction ...........................................................................2
Environment Evaluation .......................................................2
Hardware ...................................................................2
Software ....................................................................3
Server Services ..........................................................3
Operating System and Hardware Selection ..........................4
Server Editions ..........................................................4
Server Licensing .......................................................4
Hardware Considerations ..........................................5
Server Selection Tips ................................................6
Server Upgrade and Migration ..............................................7
In-Place Upgrade ......................................................8
Clean Installation ......................................................8
Surrogate Migration ..................................................8
6 – Active Directory Preparation .........................9
7 – Active Directory Installation ..........................10
8 – Data Migration................................................13
10 – Active Directory Migration...........................13
12 – Internet Information Services.......................14
13 – SQL Server....................................................15
Post Installation .........................................................18
Application Migration ...........................................................19
Conclusion ............................................................................19
References .............................................................................20
Glossary of Terms..................................................................21

Page 1 of 27
.: Introduction
As time and technology progresses, system administrators find themselves patching software, fixing
hardware, installing upgrades, all to avoid the inevitable: THE UPGRADE. This will make management
cringe at the expense, users moan that their work day might be disrupted, and system administrators wipe the
sweat from their brows realizing their existence for the next 3 to 6 months will be secure.
This guide will provide information and tips on Windows 2003 Server upgrades and migrations to include:
 Active Directory
 IIS
 SQL
 Applications
While this is not a definitive guide on the subject of Windows Server 2003 upgrades and migrations, it will
provide consolidated information for systems administrators seeking upgrade guidance.

.: Environment Evaluation
The first phase of any type of migration is to evaluate your environment. In many cases, patch levels, running
applications, and services provided are documented, but my not be complete. Depending on your role in the
environment, you could be facing a dire situation.
Jack Taugher [9, excerpts from interview], a colleague who is an IT consultant was asked to quote a server
upgrade. He was provided some information by the potential client, and drew up a quote. However, when he
arrived to deliver the quote, he found the server with the front grill open revealing two IDE drives sitting un-
mounted, stacked in the case. They were the systems sole drives in a mirrored configuration. Upon closer
inspection, one had failed without warning, putting this client at great risk of data loss.
Jack informed the customer of the situation, and was immediately hired to rectify the situation. This discovery
changed the scope of the migration project, and the quotation. Stabilization of the existing server is vital, and
an initial evaluation would have revealed this.

.: Hardware
Whether you find existing documentation or not, a complete evaluation is imperative, especially if you are
planning to upgrade the system software on your existing hardware. There are a variety of tools available to
inventory the server hardware. Belarc Advisor [7, resource] has an excellent utility for quickly evaluating the
hardware, operating system patch status, and even performing a Center for Internet Security benchmark.
Additional utilities for hardware evaluation are also provided by OEM support sites. For example, Dell has a
utility that automatically probes for the machines service tag number, and provides a detailed list of the
original hardware configuration, accompanied by the current hardware configuration. Microsoft provides the
Microsoft Baseline Security Analyzer (MBSA) that is useful for testing the patch status of both the server to
be retired, and the new replacement. There are also many vendors of enterprise level hardware evaluation
utilities.
If you plan to upgrade the system software on your existing server, use the hardware inventory to cross
reference the Microsoft Hardware Compatibility List (HCL) [6, resource]. Most major manufacturers of
server components will certify those components for use with Microsoft Operating Systems. You should use
the Evaluation Worksheet addendum for your inventory, or if you are fortunate enough to have an OEM
system that is HCL certified, you need not pour through that extensive list Belarc and other utilities produces.
Simply record the server make and model, verify it at the Microsoft HCL website, and ensure that any added
components since putting the server into service are also HCL compliant. Print the results from your hardware

Page 2 of 27
inventory program and attach it to the Evaluation worksheet.
It is possible that some components will not be HCL certified. When this becomes the case, check with the
manufacturer for driver availability. They are usually available and reliable. If not, many times Microsoft will
provide generic driver support for those devices. Check Microsoft's website and failing that, Google it!

.: Software
The next step in evaluation is the software. Microsoft's MBSA and Windows Update do a fine job of
identifying needed updates, but application software is another matter. Some manufacturers will provide a
method of checking for updates. Sun Java, Symantec's Live Update, and some Intel components are examples
of software that have automatic update features. Others require that you either run a utility from inside the
application, or visit the manufacturer's website for downloadable patches. Use page three of the Evaluation
Worksheet for recording all third party applications, their version numbers and patch status.
Evaluating the workstations and software used that connect to the server is also important. Patches to the
server may impact workstations in many ways. Some server applications automatically update the clients;
some require that the clients apply the same patch, but the client portion only. Other client/server applications
require no patching on the client side. It's important to understand the applications that run on the
workstations, and how they interact with the server. Check the workstations in different departments for
installed applications. You are more likely to find the greatest differences between departments and their
managers, than simply choosing a couple of workstations in the same area being used by people performing
similar tasks. Record your findings on page four of the Evaluation Worksheet.
Once this is complete, contact the application manufacturer's and inquire about any compatibility issues with
their software and your missing Microsoft patches, and the proposed server environment.
Lastly, ensure media or a download location is available for these applications. If the resource is a website,
download these files for later use. The last thing you need during a server upgrade is missing software.

.: Server Services
Observe server load during normal operating hours. This will give you an accurate perspective into processor
and memory utilization. If you observe abnormally high usage, identify those processes using the Windows
Task Manager, Performance Monitoring, SysInternals Process Viewer [5, Marcin Policht points out these,
and suggests www.sysinternals.com for free utilities], or other process analyzing utility. Record your results,
and use these findings to ensure your hardware selections are appropriately sized, if you plan to replace your
existing server.
Inventory the running services on your server as many Windows 2000 Servers have unnecessary services
running, consuming resources. Disable any unused services, and note those services needed, since the default
Windows Server 2003 installation has very few services enabled, unlike Windows 2000 Server. Use Xnetstat,
or similar utilities to determine listening ports and the program associated with created the listening socket.
They will provide clues to services that may not be listed in the Windows Services Microsoft Management
Console (MMC). Some services are run using scripts or other methods upon server startup. Once those
programs are located, check the file properties, and research the program. Again, Google is an invaluable
resource for locating this information.
The Microsoft Management Console can export its contents to a text file; doing so with the service list will
render a nicely formatted file, which can be opened in Excel. Simply right-click the Services object in
Computer Management, and choose Export List. This can be either a tab delimited or comma separated value
export. Attach this list to the Evaluation Table, noting any services not in this export on page five of the
Evaluation Worksheet.

Page 3 of 27
.: Operating System and Hardware Selection
Now that the environment has been documented, your operating system can be chosen. You may also be
choosing a new server, if your upgrade plans include one, so hardware needs will also be considered.

.: Server Edition
Microsoft's Server 2003 comes in a number of editions, based on your needs. Listed below are the editions,
along with a brief description of the differences.
 Windows Server 2003 Web Edition – Primarily used in single server, unclustered web server
environments. Will not provide many services necessary in a client/server environment. Hardware
limited to 2 processors, and 2 Gigabytes of RAM.
 Windows Server 2003 Standard R2 – Designed for small to medium sized businesses. Supports up to
4 processors, and 4 Gigabytes of RAM. Provides file, print, and application deployment.
 Windows Server 2003 Enterprise R2 – Designed for medium to large sized businesses. In addition to
providing the same services as Standard, support is expanded to 8 processors, 32 Gigabytes of RAM
and 8 node clustering. The 64bit version of this edition increases support up to 1 Terabyte of RAM.
The enterprise edition also provides the ability to hot-add supported hardware. This is important in an
environment where server downtime is not an option, and allows one to add, install, and configure
hardware without shutting the server down.

.: Server Licensing
Licensing your new operating system can be a bit complicated. First, your existing Windows 2000 Server
licenses are not transferable, so you will be required to purchase new ones. To begin, you must first
understand the basics of the Microsoft Licensing model:
 Every installation of Microsoft Server 2003 requires a server license.
 A Windows Server 2003 Client Access License (Windows CAL) is required to access or use any
resource on the server.
 A Windows CAL is not required for unauthenticated access to the server. An example would be
accessing a web site on the server where no identifying credentials are exchanged.
 A Terminal Server Client Access License is required to use Terminal Services in application mode, i.e.
hosting a GUI for remote user access, except for a console session.
Some changes that occurred in the release of Windows 2003 Server Edition:
 The introduction of the Device Client Access License (Device CAL), and the existing User CAL. You
can choose to purchase a User CAL for every named user accessing your server, or a Device CAL for
each device.

TIP: For the best value, use this example when choosing a licensing method. A factory with 20
computers that are utilized by 3 shifts of 200 users should purchase 20 Device CAL's. A company
with 20 users utilizing multiple devices like computers, laptops, and mobile devices should choose
User CAL's, since the number of devices outnumber the users.

 The name for Per Seat licensing mode has been changed to Per Device or Per User mode. Per Server
mode is the same, and the mode you choose during the operating system installation will be

Page 4 of 27
important. Per Device or Per User mode allows each licensed user to connect to multiple servers.
Per server allows as many users as you have licenses for to connect to that server. The rule of
thumb is if you have one server, choose Per Server mode, if you have more than one server, choose
Per Device or Per User mode.
There are also different license types: Volume Licensing, Open Licensing, and Software Assurance.
Fortunately, Microsoft's online licensing evaluation tool [8, from the MS licensing website, click How To Buy,
and at the bottom of the resulting page, click “Find the right licensing program for you” link] works well at
asking you what product you'd like to purchase, the number of users or devices connecting. It then determines
what licensing you qualify for, and gives an estimate of the cost. I used the tool, and received an estimate of
$1200 for Windows Server 2003 Standard R2 with a 25 User CAL pack.

.: Hardware Considerations
Whatever your decision might be in the way of OS or Licensing selection, you must still plan for the future. If
the user load is 25 employees now, but growth is expected in the future, plan your server install accordingly.
Hardware selection is also extremely important in terms of expandability. If the business grows in the next 5
years, the server will be required to handle that load immediately, or have upgrade abilities to meet growing
needs.
If you decide not to upgrade your server, consider these important questions:
1. How important is your server to your day to day operations?
2. Can you operate for one day without it? What about a week?
3. Is your existing server still under warranty, and if so, for how long?
4. Is there an extended warranty available for purchase?
The consideration to using existing hardware for a server upgrade can be argued pro and con. My personal
opinion is, if you answered “Very” to question number one, “No” to number two, less than one year for
number three, and more than 20% of the servers original cost for number four, then it's time to replace your
existing server.
A study by the accounting firm McGladrey and Pullen [1, from Darryl Peddles’ article] last year
estimated that one of 500 data centers will suffer a catastrophic data loss this year. Of those, 50% are
expected to go out of business. Considering that fact, the price to pay for a new server is a drop in the
proverbial bucket.
Another argument from the “Don't be Cheap” camp is this story from Jack Taugher [9, excerpt from
interview]. A client owned a Compaq server that was relied on quite heavily, and the warranty was set to
expire soon. The customer decided not to renew, since the server was slated to be replaced in six
months. Shortly after the expiration of the warranty, a fan failed on the server, causing it to go down,
and not be available for use. Normally when a server is under warranty, the process of replacing parts is
quite simple; call the manufacturer, and a part is in your hand in four hours. In this case, they waited
three days for the fan to arrive, only to find it was incorrect. Another fan was shipped FedEx, installed,
and the server was back up and running. The entire process took one week, approximately 7 days longer
than they desired to be without the server.
Hardware selection should be made carefully. In most cases, if your existing server wasn't overloaded,
and is of a typical replacement age ( 3 to 5 years old ), you will likely find yourself purchasing one that
is much more powerful, simply because of the advances in technology.

Page 5 of 27
.: Server Selection Tips
1. Processor Speed and Type
1.1.This will primarily be determined on the performance of the old server. If utilization on the
old server approaches 30% or more, carefully determine the reason. If it is because services
and applications are driving the utilization up, and the server contains adequate RAM, a
faster processor is in order.
1.2.Dual processors can improve performance dramatically, as well as choosing a 64 bit
environment.
BENEFITS: Performance and useful life.
2. RAM Considerations
2.1.Double, and if possible, triple the RAM for your new server.
BENEFITS: Performance will increase, and ultimately productivity: If your applications
run faster, your employees productivity improves, which directly affects the bottom line.
3. Hard Drive Space and Configuration
3.1.Ensure your allocation for drive space is at least twice the size they are now, preferably
larger.
BENEFITS: Your data growth will increase, preparing for it now saves time and money in
the long run.
3.2.Configure your system and data drives in RAID 5, with a fourth used as a hot fail-over.
BENEFITS: It's a cost-effective solution, and serves to provide good protection against
data loss.

NOTE: Some will argue that the system be installed on a pair of drives configured for RAID
1, and three drives in RAID 5. This equals no fail-over drive, and purchasing an additional,
fifth drive. Choose your comfort level, and budget accordingly.

4. Tape Drive
4.1.While RAID 5 offers redundancy, it should not be treated as a failsafe method of data
storage. Data backups are still imperative.
4.2.Choose a tape drive that is capable of backing up your entire data drive onto one tape
cartridge. If your data size exceeds a single cartridge, consider a tape library.
4.3.Consider a backup solution that provides Intelligent Disaster Recovery. These options will
typically allow you to recover all your data in a “bare metal recovery” scenario, i.e. All your
disks fail, and you need to restore all data to fresh drives.
4.4.Review your current backup scheme. Daily full backups with a five tape rotation are not
good practice. A better solution is Grandfather, Father, and Son. Daily, or Son backups, are
rotated daily with one graduating to Father once a week. Weekly, or Father Backups, are
rotated weekly with one graduating to Grandfather once a month. Monthly, or Grandfather
Backups, are rotated out quarterly for off-site storage for disaster recovery.
BENEFITS: When your server crashes, and you perform a full restore while your boss
looks over your shoulder, you'll thank me.
Enough can't be said about expandability and meeting expected server demands when installing a new
server. It's far better to over-purchase, than to have to purchase more components later, to extend the
usefulness of your investment.

Page 6 of 27
.: Server Upgrade and Migration
According to Microsoft, there are two methods to migrate and upgrade a server [3, from “Upgrading from
Windows Server 2000 to Windows Server 2003”]. They are In-Place and a Clean Installation. I prefer a clean
installation in all cases, since in-place upgrades usually always result in issues of some type. This can pose a
problem if you choose to keep your existing hardware, since a Clean Installation would require that you re-
create your environment from scratch.
This is why I have used a “Surrogate Migration” in cases where the source server is the only one in the
environment, and experiencing issues. It provides the users in an unstable environment a solid source of
server services during a “rescue” attempt.
In an ideal situation, you will have a new server purchased from an OEM distributor that has already pre-
installed Windows Server 2003 for you. This will eliminate step 2 in the Surrogate Migration, but not the sub-
steps, i.e. 2.1 a, b, and c.
 In-Place Upgrade onto existing hardware - Performing an in-place upgrade may at first glance be an
attractive possibility.
Pros:
 Any existing permissions, users, groups, rights, and windows settings are preserved.
 Active Directory component upgrade is automated, and most networking services are
upgraded seamlessly as well.
 Applications and files do not need to be re-installed.
Cons:
 Any known or unknown issues that reside in software or hardware remain.
 Clean Installation onto existing hardware
Pros:
 If you keep your existing server, reformatting the hard-drive may improve performance,
and give you a clean environment.
 You can also modify the hard-drive partitions to better serve the size and number needed
to meet your requirements.
Cons:
 Migration of Windows components is more time consuming, since they will be manually
re-created.
 All applications will need to be re-installed and re-configured, requiring documenting
application settings.
 Any known or unknown issues that reside in hardware remain in the environment.
 Surrogate Migration, back to originating server – This option is used when the complexity of
Windows services or other applications must be maintained and tested before removing the source
server, or in server emergency situations where an unstable source server must quickly be relieved of
it's duties.
Pros:
 In a single-server environment with many users, computers, customized installation
deployments, and security settings can be tested and migrated.
 Benefits from a clean installation.

Page 7 of 27
Cons:
 All applications need to be re-installed and re-configured. Twice.
 Any known or unknown issues that reside in hardware remain in the environment.

.: In-Place Upgrade
Performing an in-place upgrade is similar to the Surrogate Migration steps, with exception to step 6, which is
not needed. Insert the Windows Server 2003 disk, and if the Windows Server 2003 menu appears, choose to
Upgrade to Windows 2003. If not, navigate to the CD drive location in My Computer, and run the autorun.exe
application. The process is similar to a fresh installation, with the exception of selecting the Upgrade option at
the beginning of the process. The process is approximately as long as a fresh installation.

.: Clean Installation
Performing a clean installation is similar to the Surrogate Migration steps, with exception to step 6, which is
unneeded. At the beginning of the installation process, take the opportunity to review the partitions, choosing
a partition method that meets your needs, and reformat all drives to the NTFS file system. Your system drive
(usually C:) should be about 20gb in size.

.: Surrogate Migration
You will need a surrogate machine, so choose something with reasonable speed and drive space, adequate to store
the data and applications currently stored on your existing server. Choose a workstation that can handle some load
if your upgrade process becomes problematic, and requires more time than the upgrade window provides. You
may actually have to use it as a temporary server.
1. Backup - First and foremost, backup your old server, in it's entirety.
2. Install Windows Server 2003 - On the surrogate machine, install Windows Server 2003. Choose the Per
Device or Per User licensing model during the installation. Install the following components from
Add/Remove Programs, Windows Components after the installation is complete:
2.1.From Windows Components in Add/Remove Programs choose the following: (See Figure 1).

Figure 1

Page 8 of 27
a) DNS
b) DHCP - Copy settings from the Windows 2000 Server. If this is a complex setup, refer to Microsoft
Knowledge Base article, KB325473 for migration steps.

IMPORTANT TIP: Make sure that while the retiring server is in use, that this machines DHCP
services DO NOT START. Microsoft DHCP service is not very intelligent, and will shut down if it
sees another DHCP server on the network. DO NOT ACTIVATE THIS SERVICE.
c) WINS
3. Patch Servers - Assuming you checked with the application vendors for patching servers and applications
proceed to patch this server, and the Windows 2000 Server to current levels.
4. Time Settings – Ensure both servers are either synchronized to the same Network Time Protocol (NTP)
servers, or manually set the time on both machines to the same time.
5. Disable Anti-Virus – Disable any anti-virus programs running on the server, to avoid possible issues during
migration.
6. Active Directory Preparation - Before you can install Active Directory (AD) components on this
new “server”, you must first prepare the Windows 2000 server by updating the schema [4, screen
shots used by permission of Daniel Petri]:
6.1.Insert Disk 2 of the Windows Server 2003 disk set into the Windows 2000 Server that holds the
Infrastructure Master FSMO role. If this is a single server environment, then insert the disk. If not,
and you are unsure, refer to Microsoft Knowledge Base article KB234790 for instructions.
6.2.From the CD-DRIVE:\CMPNENTS\R2\ADPREP\ directory run adprep.exe /forestprep,
where CD-DRIVE is your cdrom drive. Note the output in Figure 2 and 3.

Figure 2

Figure 3
6.3.Now that the /forestprep is complete, run adprep.exe /domainprep. The output is very brief,
Figure 4:

Page 9 of 27
Figure 4
6.4.After running ADPREP command, open
%systemroot%\system32\debug\adprep\logs\ADPrep.log, and see if there are error messages
that might need to be resolved.
7. Active Directory Installation [2, referenced from the Windows Server 2003 Active Directory
website] - On the surrogate server go to Start, Run, and type dcpromo.exe in the run box and
clicking OK. This will start the Active Directory installation wizard. The first window will be
introductory. Click Next.
7.1.Domain Controller Type - Domain Controller for a new domain, or creating an additional
Domain Controller for an existing domain. See Figure 5.

IMPORTANT NOTE: If your Active Directory environment has been determined through
your investigation to contain errors, you will want to consider creating a new domain. This
choice creates more work, but will eliminate the possibility of migrating bad data.

Figure 5
7.2.Network Credentials - Enter the credentials of a user that has rights to add this Domain
Controller to the domain, and the domain name. Click Next. See Figure 6.

Page 10 of 27
Figure 6
7.3.Domain Name – Enter the domain name, or click browse to locate it. Click Next. See Figure
7.

Figure 7
7.4.Database and Log Location - Select the defaults, and click Next. See Figure 8.

Figure 8
7.5.SysVol Location – Select the default location, and click Next. See Figure 9.

Page 11 of 27
Figure 9
7.6.Directory Services Restore Mode Administrator Password – Type it in, document it, and
click Next. See Figure 10.

Figure 10
7.7.Summary Page – Review the summary, and click Next.
7.8.Configuring – Wait for this to complete. See Figure 11.

Figure 11
7.9.Completed – Click Finish.
7.10.Reboot – A reboot is necessary to complete the installation of Active Directory

Page 12 of 27
components.
8. Data Migration – Use Robocopy, a free utility from Microsoft provided in the Windows Server
2003 Resource Kit [10, resource], to transfer all files from file share locations existing on the old
server to the surrogate server. Set up the file sharing by referring to the old server.

Take this opportunity to clean up your logon scripts. There are many great alternatives to batch
scripting technology, and allows for simplified advanced configuration techniques. Kixtart is an
excellent example of this, with a tremendous peer support group, and excellent documentation.

TIP: A quick method for recording a list of existing file shares is to open Computer
Management, expand the Shared Folders object, right-click the Shared and choose Export List
option to export a list of Shared Folders in text format. Another option is to open a shell window,
and type 'net share > c:\shares.txt'. This creates a similar list in C:\, called shares.txt.

TIP: There is a free-ware Graphical User Interface to the shell utility Robocopy, found on SH-
SOFT's website [11, resource], in the Tools section. This greatly simplifies the copy process.

9. Migrate Printers – If your environment is complex, you can use the Printer Migrator v3.1, a
free download from Microsoft. If not, install those printers manually on your surrogate server.
10. Active Directory Migration – If you chose to create a new domain, you will migrate all
workstations, users and groups to the new domain using the Active Directory Migration Tool
v3.0, found on the Microsoft Server 2003 installation disk, in the i386\ADMT folder.
10.1.Requirements for user running tool:
a) Administrator rights to source domain, and all computers that will be migrated.
b) All computers you plan to migrate must have the administrative shares C$ and ADMIN$
available.
c) You must be a member of the local administrators group.
d) The source domain must trust the target domain. Set up this trust in the Active Directory
Domains and Trusts MMC snap-in.
10.2.OPTIONAL – These steps are not required, but may ease the migration process.
a) Create a local group in the source domain, named %sourcedomain%$$$. This group
must be empty.
b) Turn on Auditing for the success and failure of account management on both domains in
the Default Domain Controllers Group Policy. This will aid in any troubleshooting in the
event of failures.
c) Configure the source domain to allow Remote Procedure Call (RPC) access to the
Security Accounts Manager (SAM) by configuring the following registry key on the
Primary Domain Controller (PDC) Emulator in the source domain with a value of ‘1’-
HKLM\System\CurrentControlSet\Control\LSA\TcpipClientSupport. Reboot the Domain
Controller after this change.
d) You may also choose to migrate passwords by using the password migration DLL:
• On the server where ADMT is installed, in a shell window, run 'admt key
SourceDomain path [* | password]', without quotes, where ‘SourceDomain’ is the
NetBIOS name of the source domain, and ‘path’ is the local location for the exported
key file (.pes).

Page 13 of 27
• Move this exported file to the new server that should have ADMT installed.
• Insert the Windows Server 2003 disk in the new server, and run pwmig.exe from the
i386\ADMT folder on the CD to install the Password Migration DLL.
• You will be asked for the location of the .pes file you moved to this server.
• After the installation completes, you are required to restart the server. To migrate
passwords, modify the following registry key to have a DWORD value of ‘1’.
HKLM\System\CurrentControlSet\Control\LSA\AllowPasswordExport
10.3.ADMT Failure - If using ADMT fails to migrate the users, groups, and workstations to the
new domain, you must create the users and groups by hand, in the Active Directory Users
and Computers MMC snap-in, on the new server.

You must also join each workstation to the new domain, and use “brute force” methods to
retain user profile settings on the individual workstations. Windows XP user settings are
typically stored in the C:\Documents and Settings\’UserName’ folder, where ‘UserName’
(without quotes) is the users logon name. Follow the guidelines below for the process.
• As a domain administrator, log on to the workstation, and join it to the new domain. Reboot
the workstation when prompted.
• Log on as the user that needs their profile migrated. Reboot the workstation, as this will
release any file locks in that profile directory.
• Log in as a domain administrator. Look in the “C:\Documents and Settings” folder for two
profiles that match the users login name. The old profile will be named ‘UserName’, or
‘UserName.OldDomainName’. The new profile will be named ‘UserName.DomainName’.
• Copy all files from old profile directory to new profile directory. You will likely need to take
ownership of these files to be successful.
Optionally, you may try these tools provided by Microsoft to automate this. I have not used
them, so cannot attest to their usefulness.
• Moveuser.exe from the Microsoft Server 2003 Resource Kit [10, resource] will move local
user profiles to domain user profiles. This method is documented to have issues at times. Your
mileage may vary.
• User State Migration Tool (USMT) [12, resource] will migrate user states from old XP
workstations to new ones. There are many options to choose from, so read the documentation
carefully.
11. DCPROMO - Run dcpromo.exe on the Windows 2000 Server after Active Directory Replication is
successful, to remove Active Directory from this server. Check the event logs for information
regarding the process.
12. Internet Information Services – The most reliable method to migrate Internet Information Services
(IIS) settings is with the shell utility, IIS 6.0 Migration Tool, provided free from Microsoft. The tool
transfers configuration data, Web site content, and application settings to a new IIS 6.0 server.
12.1.Additional configuration will be necessary, after using the utility, since these items will not
migrate [13, referenced from Alexander Zubair, “21 Things IIS 6.0 Migration Tool Doesn’t Do”]:
a) The FrontPage Server Administrator account is not migrated, and will need to be replicated
manually. Additionally, web sites with custom security settings pertaining to FrontPage Server
Extensions, they will to be configured on the destination server.
b) IIS 5.0 Registry Settings – Only settings in the metabase are migrated, not registry settings.

Page 14 of 27
c) If any local security accounts were specified to be used in replacement of the Anonymous
User, or WAMUser, these will have to be manually created at the new server.
d) MIME Types
e) Digital Certificates
f) ISAPI filters or extensions that do not reside within the migrated content. Additionally, you
will have to enable any filters or extensions, since by default none are enabled in IIS 6.0.
g) If the Windows installation directory (WINNT, WINDOWS, etc) is different from source to
destination, the metabase references to these locations will need to be changed.
h) Virtual Site sub-directory's path cannot be changed, only the site root. Ensure destination
drives exist, since the tool will attempt to migrate the data to those locations. In the event the
destination drive doesn't exist, manually copy the content, and update the metabase.
i) Log files.
j) Web application DLL's.
k) ASP.NET process model settings.
l) Files or content that reside out of the web root.
m) Databases, and ODBC connections.
13. SQL Server – There are two methods for migrating SQL databases. First, ensure the new server has
SQL installed, and running properly. Secondly, ensure both servers are patched to identical levels, and
choose one of the methods below for transferring the data.
13.1.Data Transformation Services - The SQL Server database migration is most easily performed
with the Data Transformation Services (DTS) in SQL Enterprise Manager. This facilitates the
transfer of the database information from one server to another. Using the DTS wizard, one can
set up the transfer of a database to another SQL server in minutes.
a) Open Enterprise Manager. Expand the server object, and drill down to the databases. Right-
click the target database, and select properties. Right click again, select All Tasks, Export. The
DTS wizard appears. Click Next.
b) Choose a Data Source – Your default data source, server, database and authentication method
will be automatically selected, check them to be sure. Click Next. See Figure 12.

Figure 12
c) Choose a Destination – Select the destination server from the Server drop-down box. If the

Page 15 of 27
destination database has already been created, select it, otherwise select <new>. See Figure
13.

Figure 13
d) Create Database – Create your destination database by typing in the name, and click OK. See
Figure 14.

Figure 14
e) Specify Table Copy or Query – Select the last option to copy all database objects and data to
the new server. Click Next. See Figure 15.

Figure 15
f) Select Objects to Copy – Accept the default options, and click Next. See Figure 16.

Page 16 of 27
Figure 16
g) Save, Schedule, and Replicate Package – These options allow you to either immediately start
the transfer, schedule it for a later time, or even set up a database replication schedule. Choose
the default, and click Next. See Figure 17.

Figure 17
h) Summary – This window summarizes your choices. Click Next to start the transfer. See
Figure 18.

Page 17 of 27
Figure 18
13.2.Data Copy Method - You can “forklift” the database, physically copying the database and
transaction logs to a new location.
a) Using SQL Enterprise Manager, find your database in the server object list, right-click it, and
choose Properties. The Data Files tab and Transaction Log tab indicate file name, and path.
Note these for the next step.
b) Right-click the database, select All Tasks, Detach Database. Copy the .mdf database and .ldf
transaction log you noted in the previous step to a location on the destination server.
c) Once the data is copied, use SQL Enterprise Manager to attach to the migrated data by
expanding the server object, right-clicking the Database folder, and selecting All Tasks, Attach
Database.

IMPORTANT: Whatever method you use to migrate the database, it is imperative that you
contact any software vendors that created databases to determine if any machine specific
information is contained therein. Examples of this could be UNC paths, machine names, or
other information that could adversely impact application performance.

.: Post Installation
Once you are satisfied that your new server is correctly installed, configured, and all Microsoft components
are migrated to the new server, refer to the Application Migration section below for potential techniques in
this phase.
If you chose the Surrogate Migration, perform a fresh installation of Windows Server 2003 on your old
Windows 2000 Server machine. Ensure you refer to the Clean Installation section above for tips. Step through
the Surrogate Migration steps to migrate application and Windows settings back to the original server. Finally,
demote the surrogate server, by running dcpromo.exe, and remove it from service.

Page 18 of 27
.: Application Migration
Application migrations vary in complexity. It's best to involve the manufacturer of the software if possible,
since they will be aware of any nuances special tools available for use, but this is not always possible. Check
the manufacturers’ website, and consult peer groups if possible.
Migration could be a simple matter of installing the application onto the new server, ticking a few boxes, and
pointing it to the new SQL databases. If there is a client component, it will likely involve changing software
settings on the workstations.
Some applications are custom Access databases, FoxPro, or similar. These applications will always require
the help of the developer because of modifications that typically occur over time, which may adversely affect
the migration process. If the developer is not available, or documentation is poor, a fair amount of
investigatory work will be in order. This usually involves meticulously combing through the Windows
registry for pieces of the installation, exporting those hives to the destination server, copying all of the data
files over, and running the program through it's paces, waiting for errors. These errors will be significant clues
to missing files that are needed for a successful migration. Diligence will pay of in many cases, making you
look like a hero when the application is finally migrated.
Many software manufacturers make migration utilities to simplify the migration process. Trend Micro and
Symantec integrate tools for their enterprise anti-virus (AV) suites that allow for the copying of configuration
and moving managed workstations from one AV server to another.
Other techniques might involve capturing screen shots of an applications setting for documenting the setup.
Once the new server has the software installed, the configuration settings are then set by hand, referencing
said screen shots.
Lesser encountered situations of migration issues are custom or legacy applications that require elevated
privileges to run. Tools such as Filemon and Regmon, that monitor file and registry usage can help pinpoint
possible issues, and isolate the privileged environment [5, from Marcin Polichts’ article “Deploying Windows
XP, Application Migration”].
As in all migrations and upgrades, test all applications before assuming they’ll work.

.: Conclusion
This document sheds more light on the process of server upgrades, and consolidates some of the reference
material in one handy location for your next upgrade project.
My hope is that you learn that there is more than one approach to this type of project, and while you may not
agree everything written, some of it will present value.
I know I have learned more about this process, and the value in performing complete research into it before
hand.

Page 19 of 27
.: References
[1] Darryl Peddle, “Coping with a serious data loss from your computer hard drive”,
HomeNetworkHelp.info, retrieved 6 Nov 2007
<http://www.homenetworkhelp.info/index.php?pg=articles-coping-with-a-serious-data-loss-
from-your-computer-hard-drive&mn=a>.
[2] “Windows Server 2003 Active Directory”, Microsoft Corporation, retrieved 21 Oct 2007
<http://www.microsoft.com/windowsserver2003/technologies/directory/activedirectory/>.
[3] “Upgrading from Windows Server 2000 to Windows Server 2003”, Microsoft Corporation, February 2003.
[4] Daniel Petri, “What do I need to do to prepare my Windows 2000 forest for the installation of the first
Windows Server 2003 DC?”, petri.co.il, retrieved 6 Nov 2007
<http://www.petri.co.il/windows_2003_adprep.htm>
[5] Marcin Policht, “Deploying Windows XP, Application Migration” in Server Watch, 3 March 2005,
retrieved 21 Oct 2007 <http://www.serverwatch.com/tutorials/article.php/3487236>.
[6] “Windows Server Catalog of Tested Products”, Microsoft Corporation, retrieved 22 Oct 2007
<http://www.windowsservercatalog.com/default.aspx>.
[7] “Belarc Advisor – Free Personal PC Audit”, Belarc, Inc., retrieved 31 Oct 2007
<http://www.belarc.com/free_download.html>
[8] “Microsoft Volume Licensing Home Page”, Microsoft Corporation, retrieved 9 Nov 2007
<http://www.microsoft.com/licensing/default.mspx>
[9] Jack Taugher, VP, Air Technology Services, Brookfield, WI, telephone interview, 26 Oct 2007
1. How long have you been in the IT field?
2. Which was the most difficult server upgrade you've performed?
3. Which was the easiest?
4. What tip would you give someone about to perform an Active Directory migration?
5. Do you have a preference in server hardware, and if so, which manufacturer and why?
6. What legacy application migration insight can you provide?
7. What resources to you commonly use for information?
[10]“Windows Server 2003 Resource Kit Download”, Microsoft Corporation, retrieved 7 Nov 2007,
<http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-
b18c4790cffd&DisplayLang=en>
[11]SH-SOFT Corporation, retrieved 7 Nov 2007, <http://www.sh-soft.com>
[12]“User State Migration Tool Download”, Microsoft Corporation, retrieved 7 Nov 2007,
<http://www.microsoft.com/downloads/details.aspx?FamilyID=799ab28c-691b-4b36-b7ad-
6c604be4c595&displaylang=en>
[13]Zubair Alexander, McCann Enterprises LLC, “21 Things IIS 6.0 Migration Tool Doesn't Do”,
TechGalaxy.net, retrieved 7 Nov 2007, <http://www.techgalaxy.net/Docs/IIS/IISMT.htm>

Page 20 of 27
.: Glossary of Terms
 Active Directory – Microsoft's implementation of LDAP directory services.
 Cluster – A group of loosely coupled computers that work together in a way that they can be
considered as if they were a single computer, typically performing load-balancing, or high-
availability.
 DHCP – Dynamic Host Configuration Protocol. This is a protocol used by network devices to obtain
IP addresses, and additional information such as DNS server, routing information, and subnet mask
from a DHCP server.
 DLL – Dynamic Link Library. Files that contain shared library information.
 DNS – Domain Name Service. Think of this as the phone directory of the Internet. Where your name
in the phone directory is associated to a phone number, Domain Name Service associates a domain
name like www.google.com to an IP address.
 FSMO – Flexible Single Master Operations, the acronym that describes the five roles in Active
Directory:
 Schema Master
 Domain Naming Master
 RID Master
 PDC Master
 Infrastructure Master
 IP - Internet Protocol is a data-oriented protocol used for communicating data across packet switched
network.
 LAN – Local Area Network. Denotes a small, private network.
 MBSA – Microsoft Baseline Security Analyzer. Freely downloaded from the Microsoft website. Will
scan a target machine, and provide a list of missing patches, known security issues, and detailed
instructions on resolving those issues.
 NetBIOS – Network Basic Input/Output System. Allows applications on separate computers
communicate in a LAN environment.
 OEM – Original Equipment Manufacturer.
 Paging – The Windows method used for virtual memory allocation.
 Primary Domain Controller – The server that houses user, group, and machine accounts.
 RAID – Redundant Array of Inexpensive Disks. These are two or more disks combined using special
hardware to appear to be a single logical disk. Provides redundancy, but not designed for data
protection.
 RAID Levels
■ RAID 0 – Data spread across many disks, improving data access. Example: 3 disks of 20GB
combined appear to be a single 60GB disk. DANGEROUS: If one disk fails, ALL DATA IS
LOST.
■ RAID 1 – Disk A is mirrored to disk B. Highest overhead of all RAID levels, but very
redundant.
■ RAID 5 – Data spread across three or more disks, with parity. Highest read rate, medium

Page 21 of 27
write rate, high efficiency.
 RAM – Random Access Memory. RAM is used for storing data in a computer. It is random and
volatile, loosing whatever it holds when power is lost. Measurements of RAM are in Megabytes,
Gigabytes, and Terabytes.
 RPC – Remote Procedure Call. A technology that allows execution of remote processes across shared
networks, usually on another computer.
 SAM – Security Account Manager. A database present on servers that store user accounts and security
descriptors for users on the local computer.
 SQL – Structured Query Language. The language used by nearly every database server on the market
today, used to retrieve and manage data in relational database systems.
 UNC – Uniform Naming Convention. A common syntax that describes the location of a network
resource, such as a printer, directory or file.
 WAN – Wide Area Network. Denotes a large network, crossing public networks. The largest and most
recognized example of this is the Internet.
 WINS – Windows Internet Name Service. Microsoft's implementation of NetBios name server on
Windows.

Page 22 of 27
Hardware
Component Manufacturer Model HCL Verified?
Serial Port Adapter Yes No
USB Controller Yes No
Pointing Device Yes No
Keyboard Yes No
Smartcard Reader Yes No
ISDN Modem Yes No
DSL Modem Yes No
Wireless Modem Yes No
Video Card Yes No
Monitor Yes No
LAN Card Yes No
WAN Device Yes No
Wireless Device Yes No
ATM Adapter Yes No
Printer 1 Yes No
Printer 2 Yes No
Printer 3 Yes No
Printer 4 Yes No
Printer 5 Yes No
Scanner Yes No
Sound Yes No
RAID Storage Yes No
Storage Adapters and Yes No
Controllers
Hardware Based RAID Yes No
(Storage Array)
Optical Disk Drive Yes No
Hard Disk Drive Yes No
Tape Drives Yes No
Medium Changer Yes No
Removable Storage Yes No
iSCSI Boot Component Yes No
Bridge Yes No
UPS Yes No

Page 23 of 27
Yes No
Yes No
HARDWARE NOTES

Page 24 of 27
Software
Name Manufacturer Version Patches or Updates
Available?
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
Yes No
SOFT WARE NOTES

Page 25 of 27
Workstations
Department Asset or Workstation # User Name Special Configuration

WORKSTATION NOTES

Page 26 of 27
Services
Service Name Associated Program Manufacturer Start Method

SERVICES NOTES

Page 27 of 27