In last week’s column, I wrote about the three-phase approach to migrating to Windows 2000 (Win2K). This week, I'll focus on phase 1, which involves pre-planning and preparing your current networking environment for migration. The larger the organization, the more time you'll need to take to prepare for migration. Because every organization is different, not everyone will necessarily be migrating from Windows NT 4.0 to Win2K. In this column, I'll focus on the most likely migration scenario—where an organization is already running an NT network and plans to migrate to Win2K. If you're migrating from a non-Windows environment, you can still benefit from most of this discussion.
Create an Inventory
To better understand the entire project, start by creating an inventory of what you have. Gather information about your network topology; the domain model; the number of servers in your organization and their roles (PDCs, BDCs, member servers); the location of your current DNS, DHCP, and WINS servers; and your TCP/IP subnets and number of remote sites. Also, pay attention to the number of workstations in your organization, the types of applications (especially any custom or homegrown applications), and other Microsoft BackOffice servers such as Exchange. Depending on your company, this inventory might include several other items. After you have a clear picture of what your domain model looks like, make a list of all trust relationships (if any) in your NT network. Because the two-way Kerberos trusts in Win2K are automatic and transitive in nature, having a better understanding of your trust relationships will ensure that you keep your network security intact after the migration.
Consolidate and Flatten Domains
If you have a multimaster domain model, you will want to start to consolidate and flatten your domains as much as possible. For most organizations, reducing the number of domains in phase 1 will be helpful in designing the new Win2K domain model. Fewer account and resource domains will also mean fewer trust relationships, which will result in a smoother migration. Keep in mind, we are talking about large enterprises—smaller corporations generally have fewer things to worry about.
If you are concerned that you will have to reinstall domain controllers to consolidate, don’t worry. Several vendors provide tools to automate domain consolidations. Check out tools from Mission Critical Software (http://www.missioncritical.com) and FastLane Technologies (http://www.fastlanetech.com/products/). Microsoft has licensed Mission Critical Software’s Domain Migrator technologies for use with Win2K Server. This tool, which will be available as a Microsoft Management Console (MMC) snap-in when the product is released, lets you upgrade and consolidate your domains in one step. FastLane Technologies’ domain consolidation tool is DM/Manager. This utility gives you similar capabilities to automate the consolidation of your existing NT domains and prepare for an efficient transition to Win2K. Domain consolidation may not be a good choice in every case, so you will want to evaluate your environment before deciding to flatten your domains.
Switch to TCP/IP
If you are not already using TCP/IP as your primary network transport, now is the time to switch to TCP/IP. Standardize your network on TCP/IP and become a TCP/IP and DNS expert. Unlike NT, where you can run the protocol of your choice (TCP/IP, NWLink, or NetBEUI), Win2K doesn't give you a choice. NWLink and NetBEUI are optional, but running TCP/IP is a requirement in Win2K.
Use Standard DNS Characters
Another thing to keep in mind during phase 1 is to ensure that your domain and host names use standard DNS characters. Win2K supports standard DNS characters for domain and host names per Request for Comments (RFC) 1123 (A through Z, a through z, and hyphen) as well as RFC 2044 (Unicode characters based on UTF-8 encoding). Even though DNS supports hyphens, I recommend that you stay away from hyphens, Unicode characters, and underscores. To be safe, stick to standard letters and numbers. DNS names in Win2K are not case sensitive, so you can use uppercase, lowercase, or a combination. Win2K relies heavily on DNS. Renaming your domains and machines properly in phase 1 will ensure a smooth migration to Win2K’s DNS. While we are on the subject of renaming domains, I also recommend that you keep your domain names short and simple. Because your server names will be part of the longer DNS names, keep in mind that longer names will be hard to remember and difficult to type when you are managing your network.
Train Your Staff
Finally, during phase 1, you need to start training your staff. Depending on the responsibilities, you'll want to provide a different level of training for various individuals or groups of individuals. Obviously, your Help desk staff doesn't need the same level of training as your network architects. Several training avenues are available: You can try self-study kits, online training, or instructor-led training. Everyone seems to have a different preference. I prefer instructor-led training combined with hands-on experience with the product. Self-study materials have the advantage of letting you study at your own pace (much like the online training). However, these training methods might not be the right choice for everyone. You should experiment with different forms of training to find the perfect fit.
You need to train your employees at this stage so they get a better understanding of the basic concepts of Win2K, such as Active Directory (AD) and dynamic DNS. This training will continue in phase 2—the planning phase, which we'll talk about next week.