Shulou(Shulou.com)06/03 Report--

1. View the 2003 domain environment

-number of domain controllers (dsquery server)

-DNS service

-Global catalog server

-Domain functional level

-Forest functional level

-Network parameters

-locate the primary domain controller

-FRS replication service

Use the following command to view the current domain environment

Hostname computer name

Whoami current user name

Dsquery server View Domain Server

Dsquery server-isgc view global catalog GC server

Nslookup View DNS Server

Set q=srv

_ ldap._tcp.dc._msdcs.ytzg.com

Net accounts to see which is the primary domain controller (view computer roles)

Repadmin / replsummary to view the replication of two services

2003 File Replication Service is used for replication between AD

2012 replication between AD uses distributed file services

II. Upgrade the functional level of 2003 domains

-- raise the functional level of the domain

-minimum Windows Server 2003

Click start, point to programs, point to Administrative tools, and then click Active Directory users and computers

2. Right-click "Domain" and select "upgrade Domain function level"

-- raising the functional level of the forest

-minimum Windows Server 2003

Click start, point to programs, point to Administrative tools, and then click Active Directory Domain and Trust relationship

2. Right-click "Domain" and select "upgrade Forest function level".

Deploy 2012 stand-alone servers

-- configure network parameters

-- IP address

-- preferred DNS server

-- plus domain

The-- add roles and Features Wizard promotes extra domain controllers

-Forest and architecture preparation

-Domain preparation

-- 2012 transfer all roles to the domain controller after becoming an extra domain controller

-- verify the FSMO role location

-Netdom query FSMO

-Dsquery server-isgc

-- transfer the FSMO role

-ntdsutil

-roles

-conn

-conn to server name of the current domain server (connect to the current server)

-quit

-seize pdc (transfer pdc role)

-- verify netdom server fsmo after FSMO migration

-- DNS post-migration verification

Nslooup

Set q=srv

Ldap._tcp.dc._msdcs.ytzg.com

IV. 2003 domain controller downgrade

-- attention to demotion

-if there are other domain controllers in the domain, the domain controller is demoted to a member server for that domain.

-if the domain controller is a Global Catalog server, it does not have the Global Catalog role after being degraded, so determine if there are other Global catalogs on the network before downgrading. If there are no other Global Catalog servers, assign a domain controller to play the Global Catalog role first, otherwise it will affect the user's login operation.

To test whether the domain controller is also a global catalog server, follow these steps:

1. Click start, point to programs, point to Administrative tools, and then click Active Directory sites and Services.

two。 Double-click site in the left pane, and then find the appropriate site, and if no other site is available, click Default-first-site-name.

3. Open the servers folder and click the domain controller.

4. In the folder of the domain controller, double-click NTDS Settings.

5. On the actions menu, click Properties.

6. On the General tab, see if the Global Catalog check box is selected.

-how to be the last domain controller in the domain, the domain controller is downgraded to a stand-alone server.

-downgraded to a member server (dcpromo)

-downgrade process

Hostname

Whoami

Qsquery server isgc

Cancel GC

Dcpromo

-"Active Directory users and computers" authentication

View under the "Domain Controllers" group

-- demoted to a stand-alone server

-delocalization

Dcpromo / forceremoval (force uninstall AD)

-Verification

5. After upgrading from 2003 to 2012, migrate FRS to DFSR

-the Windows Server 2003 domain has been seamlessly migrated to the Windows Server 2012AD DS domain service environment.

-2003 Domain Sysvol replication uses "File replication Service" File Replication Service service

-2012 Domain Sysvol replication supports "File replication Service" and supports more efficient DFSR (distributed File Service) replication

-- replication mode

-- 2003 domain environment replication

-FRS replication service: overall replication

-- 2012 domain environment replication

-DFRS replication service: the "DFS-R" mechanism replicates on a block-by-block basis, copying only the changes to the file, not the entire file.

The difference between 2003 and 2012

-- difference

-premise: there is a 1GB file in the SYSVOL folder. Change the 50MB content.

-2003 environment: "FRS" will copy the entire file (1GB+50MB).

-2012 environment: if "DFS-R" has copied the content of 1GB, copy the incremental content of 50MB after update.

-- Note:

-"DFS-R" supports copying the "SYSVOL" folder in versions of Windows Server 2008 and above.

By default, the sysvol folder 728MB should not be placed on files that are not policy-independent.

-- FRS migration considerations

-use the same operating system

-Domain controllers that need to upgrade the "DFS-R" replication service online

-the domain functional level and forest functional level are upgraded to at least "Windows Server 2008"

-complete the switching of DFS-R replication services in the domain controller with the "PDC" role

-- upgrade the functional level

-upgrade the domain functional level

-minimum Windows Server 2008

Click start, point to programs, point to Administrative tools, and then click Active Directory users and computers

2. Right-click "hhnry domain service" and select "upgrade domain function level"

-upgrade the functional level of the forest

-minimum Windows Server 2008

Click start, point to programs, point to Administrative tools, and then click Active Directory Domain and Trust relationship

2. Right-click "hhnry domain service" and select "upgrade forest function level".

-- Sysvol service replication status

-- steady state

-start statu

-status of readiness

-redirect statu

-eliminate statu

-- excessive state

-status of readiness

-wait for synchronization to initialize

-redirect

-eliminate

-undo the redirection

-preparation for withdrawal

-- Service migration status

-status update: "start"-"prepare"-"redirect"-"eliminate"

-- Sysvol folder change

-- the migration process creates a copy of Sysvol

-original location: C:\ windows\ sysvol

-desired location: C:\ windows\ sysvol_dfsr

-- Sysvol shared folder mapping changed from FRS to DFSR

-- the migration process deletes the original copy of Sysvol

Verify Sysvol

-- Net share

-whether the disk space meets the migration requirements

-- verify that replication between domain controllers is normal

-Repadmin / replsummary

-Repadmin / syncall / force (forced replication)

-verify the registry

Regedit

HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ Netlogon\ Parameters

Sysvol=c:\ Windows\ sysvol\ sysvol

SysvolReady=1

-verify that the DFSR service is started and set to "automatic"

-- migrate to ready state

-- verify replication

-Repadmin / replsummary

-- start migration

-Dfsrmig / setglobalstate 1

-Dfsrmig / getglobalstate

-Dfsrmig / getmigrationstate

-- Verification

-Net share, connect to the original folder

-check whether the file system, c:\ windows\ sysvol_dfsr, is created successfully. And the content has been copied.

-- migrate to the redirected state

-- start migration

-Dfsrmig / setglobalstate 2

-Dfsrmig / getglobalstate

-Dfsrmig / getmigrationstate

-Verification

-Net share, connect to the new shared folder sysvol_dfsr

-- migrate to the eliminated state

-- start migration

-Dfsrmig / setglobalstate 3

-Dfsrmig / getglobalstate

-Dfsrmig / getmigrationstate

-- Verification

-Net share, connect to the new shared folder sysvol_dfsr

-Repadmin / replsummary

-verify that the original sysvol in the domain controller is deleted

-- Delete FRS service

-confirm whether to retain the FRS service as needed

-- validate DFSR services

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.