I recently completed a project at work involving adding a Windows 2008 Server to my Microsoft Windows Active Directory as a Domain Controller. I tend to over prepare for these things and I can report that the project went as expected.
The most frustrating part of the experience is the lack of "usable" technical documentation from Microsoft. Notice that I emphasize the word "usable" - this is important because Microsoft talks allot (metaphorically speaking) but doesn't say much.
First things first, as always searching Microsoft's Knowledge-base (including TechNet) proved futile. I got better results using Google to search Microsoft's documentation than I did by going directly to the TechNet website and searching it. Why can't Microsoft get that right?
When I found pertinent documentation within the TechNet site, it was vague and lacked the kind of details a Technologist such as myself needs to successfully complete a project. I believe in Microsoft products, especially Windows and Active Directory, so why do they make it so hard to love them? I digress, sorry.
Google yielded some great search results including one for the IT Core Blog - I don't know who runs this blog, but it was most helpful and provided the kinds of technical details that I expected out of TechNet. The URL is http://srvcore.wordpress.com/ and I recommend it to anyone working with Microsoft products. What Microsoft lacks, the community that supports Microsoft products will always fill in the blanks.
You must prepare both the forest schema and the domain for a Windows 2008 Domain Controller. The process proved straight-forward for me. I backed up AD then ran the Active Directory prep tools from the 32-bit edition of the Windows 2008 Server installation disc (this was important because you can't run the 64-bit edition of the adprep tool on a 32-bit system - common sense) and it took no more than 15 minutes to finish. Once the forest & domain were ready, I added the AD DS role to the Windows 2008 server and the rest, as they say, is history. During the process, you'll be asked if you want to make the new DC a Global Catalog and also a DNS Server. Microsoft recommends that once the Windows 2008 DC has been added, you transfer all the Operations Master (FSMO) roles from the old domain controllers to the new Windows 2008 DC. As always with Microsoft products, trust but verify (which I did - replication and the other functions associated with Active Directory were working normally).
Raising the forest functional level and the domain functional level were straight-forward. To boil it down, the forest & domain functional levels are the ways that domain controllers "talk" to each other. The higher the forest & domain functional levels, the more features in the new Windows 2008 operating system that you can take advantage of (think features such as password functions, group policy settings, things like that). If you have a Windows 2008 DC, I recommend you raise the forest functional level to at least Windows 2003 - keeping it at the default Windows 2000 kind of defeats the purpose of having a newer Network Operating System. Running Active Directory in mixed mode means that the network has Windows 2008 and Windows 2003 domain controllers. If you run Active Directory in native mode, then all your domain controllers must have the same operating system (example: Windows 2008). I have a feeling many enterprises will operate AD in mixed mode until the Windows 2003 DCs are retired and replaced with Windows 2008 servers.
The research I've done to prepare for this Windows 2008 upgrade proved very informative and should help me in my preparation to take Exam 70-646: PRO: Windows Server 2008, Server Administrator from Microsoft. I should have at least one certification from Microsoft since I use their products so much.
A belated Merry Christmas and a Happy New Year! Here is to hoping that 2011 is a much better year than 2010.
Rob
No comments:
Post a Comment