Here we go! The goal is to "migrate" from SBS2003 on Box A to a clean install of SBS2003 on Box A without losing Active Directory/Companyweb data/Exchange data and minimal downtime. Here is my current layout:
1. SBS2003 Premium - 2 nics, static IP on the external nic. Name of the box is "server"
Performs the following tasks:
- File shares
- Holds all the Active Directory FSMO roles
- Exchange Server with internal clients, OWA clients, PocketPC clients and RPC over HTTP clients
- Exchange is currently hosting 2 email domains
- Public DNS server (hosting my own DNS)
- Firewall for the network (ISA2004)
- WSUS server
2. Three Windows XP Pro machines
3. One of the Windows XP Pro machines is running Virtual Server 2005 with a Windows 2003 Domain Controller up and running in the virtual environment (I never know how to word that correctly). Name of the replica DC is "Win2kdc"
Currently, Server and Win2kdc are in perfect harmony. Replication is good. I have completed several tasks prepping for the migration: Win2kdc is a Global Catalog Server. DNS has been installed on Win2kdc. All of my DNS zones were changed to "Active Directory Integrated" to allow them to be stored in Active Directory and replicate to Win2kdc.
My plan is:
- Get a good verified backup of both Server and Win2kdc
- Export my current public certificate that is being used on ISA2004's Web Listener
- Transfer the FSMO roles from Server to Win2kdc
- Uninstall Exchange 2003 from Server
- Manually remove Exchange from Active Directory (what's left). I am doing this to avoid "HomeMTA" issues when installing Exchange again.
- DCPromo down Server
- Flatten Server
- Install Windows 2003 Server from the SBS2003 media
- Stop the install after the operating system portion completes
- DCPromo into the existing domain per this awesome article (steps 10 thru 13 are from this article)
- Make NewServer a Global Catalog Server
- Transfer the FSMO roles to NewServer
- Install SBS2003 with SP1 slipstreamed
- Run the CEICW and chose "use existing certificate" and point to the exported certificate from step 2 above
- Get SBS2003 all up to date including Exchange 2003 Service Pack 2 and SharePoint Service Pack 2.
- Restore Exchange data
- Restore Companyweb data
I am sure I forgot something! I have backups, we will see.
Here are the steps completed today:
- Transferred the FSMO roles and Licensing Server from Server to Win2kdc per by completing steps 9 and 10 from this awesome article (reversed them, transferring them off of Server and on to Win2kdc)
- Exported the certificate from the Server's Personal Certificate Store. I did this by following these steps on Server:
- Start - > Run -> MMC and hit enter
- Click File -> Add/Remove Snap-in and click Add
- Click Certificates and click Add
- Place the bullet next to Computer Account and click Next
- Leave the bullet next to Local Computer
- Click Finish, click Close, click OK
- Expand Certificates, expand Personal and click on Certificates
- Locate the "public" certificate (mail.contoso.com for example)
- Right click on the certificate and click Export.
- When the Certificate Export Wizard begins, click Next.
- Select Yes, export the private key, and then click Next.
- Accept the defaults on the Export File Format page, and then click Next.
- Enter a password, confirm the password, and then click Next.
- Enter the location and name of the file you are exporting to (which has the extension .pfx), click Next, and then click Finish.
After completing these steps, I know that my SBS box will start shutting down within the next couple weeks as it does not hold all the FSMO roles. I should be able to compete the migration well within the "grace period". Even if something comes up I can always transfer them back and be good as gold again.
Stay tuned for SBS2003 Migration Part 2, coming soon!