Migrating from NetWare to NT

The Migration Tool for NetWare helps you transfer your NetWare file servers to an NT environment

One potato, two potato, three potato, four. NetWare? NT? NetWare? NT? Sound familiar? If so, you're one of a growing number of network administrators wrestling with the Novell NetWare vs. Windows NT Server dilemma. As NT Server comes of age and NetWare's market share falters, more of today's small, midsize, and large network sites are asking themselves which network operating system will take them into the twenty-first century. This decision is complex, but if your company decides to switch from NetWare to NT, as the network administrator, you will need to find a way to make it happen. (For an overview of NT and NetWare coexistence, see Michael D. Reilly, "Living with Novell NetWare,"October 1997.)

Enter Migration Tool for NetWare. Included with NT Server 4.0, Migration Tool for NetWare lets you transfer your existing NetWare 2.x, 3.x, and 4.x file servers to an existing NT Server environment. In addition, with a few clicks of the mouse, Migration Tool for NetWare lets you transfer your NetWare users, groups, individual volumes, files, and directories. Even if your site has only a few users and files, Migration Tool for NetWare can greatly reduce the time and effort required to successfully migrate to NT. Without Migration Tool for NetWare, you must manually add each user and group account to the NT server and selectively copy each file and directory--a daunting prospect.

If the destination NT server is running Microsoft's File and Print Services for NetWare (FPNW) you can also migrate user logon scripts. FPNW lets an NT server function as both a standard NT server and a NetWare file-and-print server. Therefore, NetWare 2.x and 3.x clients can access both servers without additional software or configuration changes to the client. (Note: FPNW is an add-on for NT Server that you must purchase separately. For a detailed description of FPNW, see John Enck, "Behind the Scenes of FPNW," December 1995.)

Let me take you step by step through a sample migration from NetWare 4.11 to NT Server 4.0. I will tell you how to configure user and group information, handle duplicate names, assign passwords, and migrate individual files and directories. Most important, I'll show you how to perform a trial migration before doing the real thing.

Before you start the migration, you need to get a few things in order on the NT Server side. First, the destination server must be either a Primary Domain Controller (PDC) or a Backup Domain Controller (BDC). This requirement makes sense because NT application servers don't participate in logon authentication and don't know or care about user or group accounts or how to handle them. Second, the destination NT server must be running the NWLink IPX/SPX Compatible Transport and the Gateway and Client Services for NetWare (GSNW). IPX/SPX is the default network protocol in the NetWare world and lets NT communicate with the NetWare server. Finally, as an option, you can install NTFS on the destination server. NTFS grants NetWare trustee rights for files and directories that you want to migrate. Because the migration process makes significant changes to the destination server, be sure you have a solid, verified backup before continuing. With these preparations complete, here we go.

Migration Tool
You can run Migration Tool for NetWare from three locations: the destination server, a remote NT server, or a system running NT Workstation. To run Migration Tool for NetWare on a remote system, you must copy the following files: nwconv.exe, nwconv.hlp, logview.exe, and logview.hlp from the %systemroot%/System32 server folder. You start the migration on the NT system from which you are running the migration. If you choose to run the migration from a remote NT system (server or workstation), make sure you have a valid connection to the destination NT server. In addition, you must run the Microsoft NetWare client on the system where you run nwconv.exe. I ran this sample migration using NetWare 4.11 as the source and NT Server 4.0 as the destination. I ran Migration Tool for NetWare on the destination server, not a remote system.

To begin the migration, from the Start menu, select Programs, Administrative Tools, Migration Tool for NetWare. The first time you run Migration Tool for NetWare, the Select Servers For Migration dialog box appears, as you see in Screen 1. Use this screen to select a NetWare file server to migrate and a destination NT server. If you have run Migration Tool for NetWare before, the program saved your configuration information and automatically loads it when the program starts. The Select NetWare Server dialog box appears and lists all NetWare servers it finds.

An important fact about Migration Tool for NetWare is that it does not work with Novell Directory Services (NDS). This limitation is significant because in a NetWare 4.x environment, NDS is how you manage objects or resources. Migration Tool for NetWare handles connections to NetWare 4.x servers running NDS through bindery emulation. Older NetWare 2.x and 3.x servers maintain a flat file database called the bindery. Unlike NDS, each bindery server is a separate entity and knows nothing about the outside world. In these circumstances, Migration Tool for NetWare treats 4.x servers the same as 2.x and 3.x servers.

This serious shortcoming leads to some interesting issues during the migration. For instance, when you select a 4.x server from the list, you will see the name of your current context. In Novell terms, your current context is your position in the NDS tree; your current context is the same as your current directory in DOS. You can see files only in the current directory, and you can see objects only in the current context. Also, be aware that you cannot change your context from within the NetWare server selection screen. If you do not see any NetWare servers listed, check to make sure you have NWLink IPX/SPX Compatible Transport and GSNW loaded on the NT server.

When you have selected your source and destination servers, click OK. If you have not already been authenticated to the NetWare server when you logged on to the NT server, the program will ask you to provide a Supervisor-equivalent account name and password. Notice that NetWare uses the term Supervisor and not Administrator. Because I connected using bindery emulation, the NetWare 4.x systems did not recognize the Admin account but interpreted my Admin logon as a Supervisor-equivalent account. The account must be Supervisor equivalent because you need complete NetWare system access and control. Similarly, for NT you must log on as Administrator or equivalent.

At this point, you will see the main Migration Tool for NetWare screen, shown in Screen 2, page 116. The screen lists all NetWare and NT servers selected for migration. (You can have multiple source and destination servers.) From this screen, you can make all necessary migration configuration modifications. You can add servers to be migrated, delete servers, set user and group options, set file and folder options, view log files, run the migration, and most important, run a trial migration. From the File menu, you can restore a previously saved configuration file, save current configuration settings, or clear everything by selecting Restore Default Config. By default, the configuration files have a .cnf extension and are located in the %systemroot%/System32 directory. You can't read the configuration files with a text viewer--I tried.

To add servers to the list, click Add on the main Migration Tool for NetWare screen and add your NetWare and NT servers, just like you did when Migration Tool for NetWare first started. You must log on to each NetWare server you select even though you might have done so when you first logged on. To delete a set of servers, select the set from the list and click Delete. A word of caution: The program won't ask whether you really want to delete the server; it simply does it.

Users and Groups
After you select your list of servers, you configure user and group options by clicking User Options on the Migration Tool screen. You configure specific elements of the migration process by using the four tabs (Passwords, Usernames, Group Names, and Defaults) on the User and Group Options screen, as you see in Screen 3. By default, Migration Tool for NetWare transfers users and groups during the migration. To exclude users and groups, clear the Transfer Users and Groups check box at the top of the screen.

Map files (which tell Migration Tool for NetWare how to process usernames, passwords, and group names during the migration) give you more control over the migration process. Without map files, you would need to use Migration Tool for NetWare's internal migration methods. The map file lets you list each NetWare account, the new NT account name, and the corresponding password. The format of the file is old_name, new_name, password. The map file also has a section for group names that follows the same format (excluding the password field). To use this option, select the Use Mappings in File: check box on the User and Group Options screen.

You can choose to create the map or edit an existing map file. Map files have a .map extension, and the program stores them by default in the %systemroot%\System32 directory. You can view them with any text viewer. To create a map file, first select the Use Mappings in File: option, and then click Create to bring up the Create Mapping File screen. By default, the program includes username information in the map file. If you want to exclude user accounts, clear the Include User Names option. Similarly, if you want to exclude group information, clear the Include Group Names option at the bottom of the screen.

Next, and perhaps most important, is the default password option. You have three choices: No Password, Password is Username, and Password is <password> (the same password for everyone). I don't like any of the choices, but another option saves the day: If you check User Must Change Password on the Passwords tab, your users must input a new password the first time they log on. Interestingly, no one can read NetWare passwords after a NetWare server saves and encrypts them. This restriction means that Migration Tool for NetWare can't migrate user passwords; you must reassign them. You can see the work that's involved if you have a large number of users.

After you have selected a map file and set the default password option, click OK. A dialog box will appear to let you know that Migration Tool for NetWare created the file and ask whether you want to edit it. If you select Yes, Notepad will start and automatically load the map file. If you intend to use mapping, I suggest checking the map file to make sure everything looks right--user and group accounts are correct and unnecessary information has been deleted. You will probably see user or group names that you don't need to migrate. The map file has a \[USERS\] section for user accounts and \[GROUPS\] section for group names. You can fully edit the file and make necessary changes, such as adding the passwords you will use when creating NT accounts. What's pretty slick about the map file is that it automatically picks up all NetWare user/group accounts and writes them to the file.

If you forgo the map file, you must configure password, user, and group parameters manually. On the Passwords tab, you can set the default password and determine whether users need to change their password the first time they log on. As I mentioned earlier, you have three choices for the default password: No Password, Password is Username, and Password is <password>--the same for all users. Because all these options can lead to some interesting security problems, I strongly suggest keeping the default option of users changing their password the first time they log on.

The Usernames and Group Names tabs each contain options for handling duplicate NetWare and user and group names. Both sections let you log the error, ignore the duplicate name, or add a prefix of your choice. Only with usernames can you choose to overwrite existing NT accounts with the new NetWare information. If errors occur during the migration, Migration Tool for NetWare will write them to the Error.LOG file.

Use the Defaults tab to configure the migration of administrative rights. The default is Use Supervisor Defaults; this option lets Migration Tool for NetWare overwrite the current Administrator account policy restrictions on the NT server with those from the NetWare Supervisor account. The policy settings include intruder lockout, password uniqueness, required password change, password aging, and minimum password length. The second option, Add Supervisor to the Administrators Group, determines whether the program adds NetWare Supervisor-equivalent users to the NT Administrators Group. By default, this option is not selected.

You can transfer NetWare account information to a master domain by clicking the Advanced button on the User and Group Options screen, then selecting the Transfer Users to Trusted Domain option. You use this option to transfer NetWare account information to the domain controller of the master domain. However, Migration Tool for NetWare still transfers file and folder information to the currently selected NT server. If you transfer groups to the master domain, Migration Tool for NetWare creates the groups as global groups in the master domain and as local groups on the selected server.

Files and Folders
After you have successfully configured user and group information, you need to configure the migration of files and folders. From the Migration Tool for NetWare screen, select File Options. By default, Migration Tool for NetWare transfers all files and folders from the NetWare server during the migration process, with the exceptions of system or hidden files and three of the default directories created on a NetWare server: the \LOGIN, \SYSTEM, and \ETC folders. If you want to include these files or folders, you can select them from the Files, Files to Transfer screen. You can also exclude files or folders from the migration by clearing the Transfer Files check box.

By default, the Source Files listing on the File Options screen makes available all volumes on the NetWare system. You can delete or add these volumes by clicking Delete or Add. After you select a NetWare volume, you must specify its destination NT volume, share name, and folder by clicking Modify. In the Modify dialog box, you can transfer the NetWare volume files and folders to an existing share, or you can create a new share. To change a share's directory path, click Properties. To transfer data to a directory under an existing share, type the full path in the Subdirectory field. However, from this screen, you can't change the path for existing shares, only for new shares.

Selecting individual files and folders for transfer is straightforward. After you select the appropriate NetWare volume from the Source Files listing, choose the folder you want to view; then select specific files from the folder, as you see in Screen 4. Migration Tool for NetWare transfers folders and files that are selected. If a user creates a file on a NetWare volume after you complete the migration configuration, Migration Tool for NetWare will transfer that file if you are moving other files in the same folder.

Log Files
Now you have finished configuring the migration process. You have taken care of users, groups, files, and folders. The only other element to consider is log files. Log files help you determine whether a migration ran successfully. To set options for log files, select Logging on the main Migration Tool for NetWare screen. The default option is Verbose User/Group Logging. This option records the most information during a migration and includes summary information for files and folders and complete activity for users and groups. To reduce the size of the log file, you can clear this check box, so that you will record only user names and groups. The second logging option, Popup on Errors, causes the migration process to stop on each error and requires manual intervention. The Verbose File Logging option records all files and folders transferred and their source and destination directories.

You can view log files by first clicking Logging... on the main Migration Tool for NetWare screen. Then, click View Log Files to start the logview.exe program. Logview.exe displays the three log files that Migration Tool for NetWare creates during a migration: Error.LOG, Summary.LOG, and LogFile.LOG. As you see in Screen 5, page 122, Error.LOG contains a list of all errors that occurred. These errors include system errors, network errors, and user account names that were not transferred because of a conflict. Summary.LOG is a statistical file that contains migration information such as total running time, number of users and groups transferred, number of files transferred, number of name conflicts, and the total number of errors. LogFile.LOG contains a record of what successfully transferred and what failed as a result of an error. The file has sections pertaining to Supervisor defaults, user/group information, transfer options, and file information.

As I stated earlier, if the destination NT server is running FPNW, Migration Tool for NetWare can transfer user logon scripts. For this feature to work properly, you must transfer the necessary file and folders from the NetWare system, especially the \MAIL directory, where the login script files are stored. When the user logs on to the NT server, the logon script will run as the user's personal logon script.

Trial Migration
The best feature of Migration Tool for NetWare by far is its ability to perform a trial migration. The trial migration lets you tweak the configuration; you can run trials as many times as you like. A word to the wise: Use the trial migration. Treat it as your friend. It can save your career if you inadvertently set your migration options to walk over the top of your existing NT environment. During the trial migration, Migration Tool for NetWare doesn't transfer information between the source and destination systems; it only creates log files to inform you how the process went. The trial run creates the same three log files (Error.LOG, Summary.LOG, and LogFile.LOG) as the real thing. Each time you run the trial migration, Migration Tool for NetWare creates new log files and renames the previous log files, replacing the extension with an incremental number.

To start the trial migration, click Trial Migration on the main Migration Tool for NetWare window. Be warned that the program doesn't ask you to verify this action; the trial starts immediately. When the Verifying Information dialog box appears, the migration program is verifying user, group, file, directory, and volume information on the source NetWare system. When the verification is complete, the trial conversion begins. You can follow the progress of the conversion on a monitor, as you see in Screen 6.

The Real Thing
When you have successfully run the trial migration with no errors, you're ready to go for the real thing. The real migration is the same as the trial migration, except that it takes considerably longer. To start the migration, click Start Migration on the main Migration Tool for NetWare screen. As with the trial migration, no verification screen will ask whether you really want to start the process, although you can click Cancel at any time. On NetWare systems with many users, groups, files, or folders, the migration process can take quite a long time. Although migration time will vary with machine speed, memory, and network bandwidth, I've seen migrations that involve 1000 users and more than 100 groups take more than two hours to complete; so schedule accordingly.

When the migration process is finished, a final dialog box (shown in Screen 7) shows you statistics, including the number of users and groups transferred, the number of files transferred, and the total number of errors. If you have errors, check the log files to see what corrective action is necessary. If for some reason the migration fails, remember that you still have a complete and intact NetWare server that you can use to try again. Also, realize that you might have some significant work to do on the destination NT server to clean up user, group, file, and folder information.

Simplifying Migration
Migrating a NetWare 4.11 server to NT Server 4.0 is not difficult, but you can't take the process lightly. When used correctly, the Migration Tool for NetWare can save you hours of work and unnecessary headaches. I hope you can rest easier knowing that if you must ever migrate your NetWare servers to NT, you have the knowledge and the tools to do the job.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.