Designing Your Windows 2000 Active Directory - Part 5
Incremental Migration
Incremental migration is more suitable for companies that need to completely redesign their systems and domain structure. However, this method also requires additional hardware for the migration. A high-level description of an incremental migration includes:
The right deployment method will depend on your local IT policies and supporting infrastructure. Microsoft has improved existing deployment methods and has included new ones.
Unattended Installs. Microsoft has substantially improved the unattended install by creating a wizard-based setup manager that guides you through the process of creating the unattend.txt file for hands-free installation. The setup manager runs across the network and is the most flexible method of deployment automation. Use an answer file to specify settings that are common to multiple computers and use a uniqueness database file (UDF) during an unattended installation to identify unique settings to a computer.
Duplication. When deploying a large number of computers on identical hardware, you can use the duplication method through the Sysprep tool (sysprep.exe), which prepares the disk for duplications. Storage controllers, hardware abstraction layers (HALs), and advanced configuration and power interface (ACPI) functionality must all be identical. Sysprep allows you to set up and configure the computer and duplicate the hard drive for deployment. It strips the Security ID (SID) from the computer, but when the computer is rebooted, it regenerates the SID.
Remote Installation Services. New to Windows 2000, Remote Installation Services (RIS) allows the installation of Windows 2000 on client computers. RIS uses dynamic host configuration protocol (DHCP), DNS, the Active Directory, and the Preboot Execution Environment (PXE)-enabled client for policy-based installation. The PXE client, using DHCP, makes the request for the install service. Combining RIS with IntelliMirror� can provide a completely unattended installation and user settings.
Incremental migration is more suitable for companies that need to completely redesign their systems and domain structure. However, this method also requires additional hardware for the migration. A high-level description of an incremental migration includes:
- Create the new forest or root domain by performing a clean Windows 2000 install.
- Establish down-level trusts between established Windows 2000 domains and the original Windows NT Server 4.0 domains so that moved users can access the resources.
- Clone groups and users by using the ClonePrincipal utility (provided in Windows 2000); this will create a duplicate user in the new domain.
- Move computers using the NetDom utility (provided in Windows 2000) to join the computers to the new domain.
- Once all users, groups, and resources have been moved or copied, retire the Windows NT Server 4.0 domains by taking any remaining Windows NT Server 4.0 controllers off-line and remove trusts.
- Decommission the Windows NT Server 4.0 domains.
The right deployment method will depend on your local IT policies and supporting infrastructure. Microsoft has improved existing deployment methods and has included new ones.
Unattended Installs. Microsoft has substantially improved the unattended install by creating a wizard-based setup manager that guides you through the process of creating the unattend.txt file for hands-free installation. The setup manager runs across the network and is the most flexible method of deployment automation. Use an answer file to specify settings that are common to multiple computers and use a uniqueness database file (UDF) during an unattended installation to identify unique settings to a computer.
Duplication. When deploying a large number of computers on identical hardware, you can use the duplication method through the Sysprep tool (sysprep.exe), which prepares the disk for duplications. Storage controllers, hardware abstraction layers (HALs), and advanced configuration and power interface (ACPI) functionality must all be identical. Sysprep allows you to set up and configure the computer and duplicate the hard drive for deployment. It strips the Security ID (SID) from the computer, but when the computer is rebooted, it regenerates the SID.
Remote Installation Services. New to Windows 2000, Remote Installation Services (RIS) allows the installation of Windows 2000 on client computers. RIS uses dynamic host configuration protocol (DHCP), DNS, the Active Directory, and the Preboot Execution Environment (PXE)-enabled client for policy-based installation. The PXE client, using DHCP, makes the request for the install service. Combining RIS with IntelliMirror� can provide a completely unattended installation and user settings.
