What is the best way to consolidate three NT4 PDCs into one Win2k server domain?
I'm in a bit of a quagmire. My company has three divisions with NT 4.0 primary domain controllers (PDCs) on separate subnets with no backup domain controllers (BDCs). It plans on migrating to one Windows Server 2000 and Active Directory. What is the best way to consolidate its three primary NT 4.0 domains into one Windows 2000 server domain (and one subnet)? Please also consider that my company hasn't decided yet if it will purchase a new machine, so we might possibly be doing the migration on its current PDCs. That means there might be two machines left over for replication. Thanks for any consideration you give to this scenario.
If I were in your position, I would try to get one more machine to be the new AD domain and then migrate the users and information into the new AD. I like building AD infrastructures from scratch so that I do not have to bring all of the old (often bad) baggage from the old NT 4.0 domain. Now, what you could do is build a BDC on a workstation machine and then make the workstation the PDC. This is a little risky and you will want to have a good plan for the AD infrastructure so you don't waste any time. No one is going to feel good about a workstation being the PDC -- but, hey, if they won't spend the cash, it is an efficient way to execute the change.
Once that is done, remove the existing PDC from the domain and erase it. Then rebuild it as a fresh new AD domain controller.
Then establish trusts between the old NT 4.0 domains and use the AD migration tool (on the Windows 2000 CD in the Support Tools). This will allow you to move users and other resources to AD with minimal impact on the end users.
Once everything is migrated, break the trusts, take the NT 4.0 domain controllers off the network, switch the Win2000 AD to native mode, and then rebuild the NT 4.0 domains to be Win2000 DCs.
Of course, this is a bit oversimplified, but it gives you an idea.
This was first published in March 2003