Windows 2000: Upgrade or Migration?
March 2, 2001
by Ryan Smith
A successful Windows 2000 rollout involves a great deal of planning before the first CD is ever inserted. Performing a move from Windows NT 4.0 to Windows 2000 can actually take two different methods - upgrading and migrating.
An in-place upgrade is typically considered to be the normal upgrade method to move from Windows NT 4.0 to Windows 2000. This process consists of simply running the Windows 2000 upgrade on the Windows NT 4.0 PDC. This begins the domain upgrade process and moves your PDC to Active Directory. When you are sure that the new Windows 2000 DC (your former PDC) is stable, you can begin the next stage. Typically one at a time, the BDC's are upgrading to Windows 2000. When the all of the BDC's have been upgraded to Windows 2000, you can switch from Mixed Mode to Native Mode.
A domain migration occurs when a complete redesign of the domain structure is desired. Reasons for this could be that you need to redesign your current directory services infrastructure or if you have a business need to maintain the stability of your production Windows NT 4.0 environment during your migration. The process of performing the actual migration involves creating a new installation of Windows 2000 with what is referred to as a pristine forest on a new server. You then establish a two-way trust relationship between this new Active Directory domain and your existing Windows NT 4.0 domain(s). Next you clone the global groups into your AD domain and then clone the actual users into your AD domain. Finally when all users and groups have been moved permanently into the new AD domain, you can decommission the NT 4.0 domain. (Of course, there's much, much more to a migration such as moving resources, but this is a very broad overview.) One caveat of performing a migration as opposed to an upgrade is that the SIDs will not copy over. Since you are creating new global groups and new users in your AD domain, these groups and users all have unique SIDs that will NOT match the SIDs of their corresponding NT 4.0 domain global groups and user accounts. Microsoft provides for this by having unique Windows 2000 utilities that utilize an Active Directory attribute called SIDhistory. SIDhistory stores the old SIDs of moved objects such as global groups and user accounts.
There are dozens upon dozens of references available for this material. Microsoft and many other publishers have several books available on this entire process of moving from NT 4.0 to Windows 2000. In addition there are also several very respectable third-party utilities which can greatly assist with the entire upgrade/migration process. Although most of the third-party utilities that I have seen focus much more so on the migration path and domain consolidation option than on the simple upgrade path.
Each method, either an upgrade or a migration, has both pros and cons that are unique. This is what makes the upgrade/migration to Windows 2000 so difficult. Which method do you use? That all depends on you're environment, your experience and you're desires. Just determining which method you are going to use to move from NT 4.0 to Windows 2000 takes some major planning. This is definitely not something that should be entered into on a Friday afternoon at 4:30 with a Windows 2000 Server CD in your hands.Ryan Smith