Migrate from SBS 2008 or 2011 (Part 6)

Move the FSMO Roles from SBS Server

At this point the SBS Server holds all five FSMO. In order to demote the SBS Server, these roles must first be moved to another domain controller. They can be safely moved to any Domain Controller in the domain.

 
To transfer the FSMO roles, follow this steps:

  1. Click Start, click Administrative Tools and then click Active Directory Users and Computers.
  2.  If you are logged on SBS Server, right-click Active Directory Users and Computers and then click Change Domain Controller. If you are logged on the destination DC, you can go directly to step 4.
  3. In the Enter the name of another domain controller box, type the name of the server you want to transfer the roles to and then click OK.
  4. In the console tree, right-click Active Directory Users and Computers, point to All Tasks and then click Operations Master.
  5. Click the PDC tab and then click Change.
  6. Click OK to confirm that you want to transfer the role.
  7. Repeat steps 5 and 6 on the Infrastructure and RID tabs.
  8. Click Close to exit the dialog.
  9. Click Start, click Administrative Tools and then click Active Directory Domains and Trusts.
  10. In the console tree, right-click Active Domains and Trusts, point to All Tasks and then click Operations Master.
  11. To change the Domain naming operations master click Change and then click Close.
  12. Next, open an elevated command prompt and type the following command: Regsvr32 %systemroot%system32schmmgmt.dll
  13. Click on Start, click on Run and type MMC.
  14. In the MMC window click on File and then click on Add/Remove Snap-in…
  15. In the Add or Remove Snap-ins dialog click on Active Directory Schema, click Add and then click OK.
  16. Click Change Active Directory Domain Controller…
  17. Click to choose another DC in your forest and then click OK. Click OK to dismiss the warning dialog.
  18. Right-click on the Active Directory Schema and click Operations Master…
  19. Click the Change button. Click the Yes button when prompted to change the Operations Master.
  20. At the command prompt, type netdom query fsmo to verify that all the roles are now held by domain controllers, other than the SBS Server.

 

Uninstalling the Exchange Server
 

Now is time to uninstall the Exchange server from the SBS Server. Be careful, if you have installed ForeFront for Exchange Server. In this case you must first uninstall this product:
 

  1. Logon to SBS Server as Administrator.
  2. Click Start, click Run, then type Services.msc.
  3. Stop all the Exchange services.
  4. Click Start, click Control Panel, then select Programs and Features.
  5. Found Microsoft ForeFront Security for Exchange Server (if it is installed). Click Uninstall.
  6. Uninstall Microsoft ForeFront for Exchange Server.
  7. Restart the SBS Server.

The second thing that you must do is to create the registry key that enables you to remove the Exchange Server management tools:

  1. Click Start, click Run and then, in the Open text box, type regedit.
  2. Browse to HKEY_LOCAL_MACHINESoftwareMicrosoftExchangeV8.0AdminTools.
  3. From the Edit menu, click New and then click String Value.
  4. Type Type the name ConfiguredVersion.
  5. DoubleClick ConfiguredVersion and then, in the Value Data field, type the same value as the data value for the UnpackedVersion registry key, which is located in HKEY_LOCAL_MACHINESoftwareMicrosoftExchangeV8.0AdminTools.
  6. Close the registry Editor.

 

It could happen that you will also have to change manually the responsible server for OAB generation, remove public folders and change the source server for send connectors. This are the steps to control (change) this settings:

  1. To Change the source server for Send connectors:
    1. Click Start and then click Exchange Management Console.
    2. In tree view, on the left side, expand Organization Configuration, Hub Transport.
    3. In the result pane click Send Connector, then right-click on Windows SBS Internet Send connector and select Properties.
    4. Go to Source server tab and click Add…
    5. Select new Exchage server and click OK.
    6. Remove the SBS server from the list.
    7. Repeat the procedure for all the send connectors.
  2. Move the Offline Book generation to a new Exchange server (in case, that you don’t want to use public folders anymore, you must delete and create a new OAB).
    1. Open the Exchange Management Console.
    2. Expand Microsoft Exchange, expand Organization Configuration and then select Mailbox.
    3. In the results pane, click the Offline Address Book tab.
    4. On the Offline Address Book tab, select the offline address book you want to move. In the action pane, click Move.
    5. After the Move Offline Address Book Wizard appears, select the new server to host the offline address book generation by using the Browse button and then click Move.
    6. To close the wizard click Finish.
  3. Remove or move public folders. This steps are very clear explained on Microsoft Technet:
    1. For moving: http://technet.microsoft.com/en-us/library/bb331970(EXCHG.80).aspx
    2. For removing: http://technet.microsoft.com/en-us/library/bb201664(EXCHG.140).aspx

After this step, it is time to uninstall the Exchange server:

  1. Open Control Panel and then, in Programs, click Uninstall a program.
  2. On the Uninstall or change a program page, select Microsoft Exchange Server 2007 and then click Uninstall.
  3. In the Exchange Server 2007 Setup Wizard, on the Exchange Maintenance Mode page, click Next.
  4. On the Server Role Selection page, clear all of the server role check boxes and clear the Management Tools check box. Then click Next.
  5. On the Readiness Checks page, after the checks are finished, click Uninstall.
  6. On the Completion page, click Finish.

 
Demote the SBS Server and remove it from the domain

Log on to the Management Server as an administrator and follow this steps to remove the machine from the domain:

  1. Click Start, click Run and then type dcpromo.
  2. Click Next on the welcome screen.
  3. Click OK to dismiss the global catalog server warning.
  4. Click Next on the delete the domain screen.  Do not select the delete the domain because this server is the last domain controller in the domain check box.
  5. On the Remove DNS Delegation page, verify that the Delete the DNS delegations pointing to this server check box is selected and then click Next.
  6. When prompted, type a password for the local administrator account. Click Next.
  7. Click Next on the review screen to begin the demotion.
  8. Click the Reboot on completion check box.

 

After the machine has finished rebooting, remove it from the domain following this steps:

  1. Log on to the SBS Server as an administrator.
  2. Click on Start, right-click on Computer, then click on Properties.
  3. Click on Change settings.
  4. Select the Computer Name tab and click Change…
  5. Select Workgroup under Member of and enter a unique value for the workgroup name.
  6. Click OK and reboot when prompted.

Log on to the DC Server and verify that the DNS A record and computer account for the SBS Server have been successfully removed.

Migrate from SBS 2008 or 2011 (Part 5).

Migrate from SBS 2008 or 2011 (Part 5)

Transferring DHCP role to the new domain controller

The DHCP database and settings can be backed up to allow the replacement server to quickly take over the DHCP server role and service clients again. If DHCP is not running on the SBS server, you may skip this step. To back up the database, follow this steps:

  1. Open DHCP Management MMC by selecting Start, then All Programs, Administrative Tools, DHCP.
  2. In the console tree, select the SBS server.
  3. On the Action menu, click Backup.
  4. In the Browse For Folder dialog box select the folder where you want to store the backup DHCP database and then click OK.

To allow the new server to act as a DHCP server, you must install the DHCP Server role and then configure the server’s settings. This steps assume that you have backed up your SBS Server settings and will restore them to the new server. If you are hosting DHCP on another server, you may skip this step.

Install the DHCP Server Role

You can use this procedure to install and configure the DHCP Server role, using the Add Roles Wizard. Membership in Domain Admins or equivalent is the minimum required to perform this procedure.
 

To install DHCP

  1. Do one of the following:
    1. In Initial Configuration Tasks, in Customize This Server, click Add roles. The Add Roles Wizard opens.
    2. Click Start and then click Server Manager. In the left pane of Server Manager click Roles and in the details pane, in Roles Summary, click Add Roles. The Add Roles Wizard opens.
  2. In Before You Begin page click Next.
  3. In Select Server Roles, in Roles, select DHCP Server and then click Next.
  4. In DHCP Server click Next.
  5. In Select Network Connection Bindings, in Network Connections, select the IP addresses that are connected to the subnets for which you want to provide DHCP service and then click Next.
  6. In Specify IPv4 DNS Server Settings, in Parent Domain, verify that the name of the DNS domain that clients use for name resolution is correct. For example, if your domain is named example.com, verify that the DNS domain name is example.com.
  7. In Preferred DNS server IPv4 address, type the IPv4 address of your preferred DNS server, and then click Validate. In Alternate DNS server IPv4 address, type the IPv4 address of your alternate DNS server (if any) and then click Validate.
  8. Click Next. In Specify IPv4 WINS Server Settings select one of the following:
    1.  If you do not have WINS servers on your network, select WINS is not required for applications on this network.
    2. If one or more WINS servers are deployed on your network, select WINS is required for applications on this network. In Preferred WINS server IP address, type the IPv4 address of your preferred WINS server. In Alternate WINS server IP Address, type the IPv4 address of your alternate WINS server (if any) and then click Next.
  9. In Add or Edit DHCP Scopes click Add. The Add Scope dialog box opens.
  10. In the Add Scope dialog box type values for all required items and in Subnet Type select either Wired or Wireless, depending on the IP address lease duration that you prefer and then do one of the following:
    1. To automatically activate the scope immediately after DHCP installation is complete, click Activate this scope. If there are computers or devices on the network that have static IP addresses, do not activate the scope until you have created an exclusion range. The exclusion range prevents the DHCP server from leasing IP addresses that are already in use by a statically configured device.
    2. To manually activate the scope later, use the DHCP Microsoft Management Console (MMC).
  11. Click OK. This returns you to the Add or Edit DHCP Scopes page. If your network has multiple subnets that are serviced by this DHCP server, add scopes for each subnet using steps 9 and 10. Click Next.
  12. In Configure DHCPv6 Stateless Mode, select whether you want to configure the DHCP server for DHCPv6 stateless operation and then click Next.
  13. In Authorize DHCP Server, do one of the following:
    1. Select Use current credentials to authorize the DHCP server in Active Directory Domain Services (AD DS) using the credentials supplied for the current session.
    2. To specify alternate credentials for authorization, select Use alternate credentials. Click Specify and then type the credentials to use for DHCP server authorization.
    3. Select Skip authorization of this DHCP server in AD DS if you don’t want to autorise the server at this point and then click Next.
  14. In Confirm Installation Selections, review your selections, and then click Install.
  15. In Installation Results, review your installation results, and then click Close.

 

Restore from Backup

  1. Open DHCP Management MMC by selecting Start, then All Programs, Administrative Tools, DHCP.
  2. In the console tree, click the applicable DHCP server.
  3. On the Action menu click Restore.
  4. In the Browse For Folder dialog box select the folder that contains the backup DHCP database and then click OK.

 

Migrate from SBS 2008 or 2011 (Part 4)

Migrate from SBS 2008 or 2011 (Part 6).

Migrate from SBS 2008 or 2011 (Part 4)

Backup Exchange Data
 

Follow this steps to back up the data in Exchange using Windows Server Backup so it can be restored on the new server running Exchange Server 2007.  You are free to use another backup and restore solution, but that will not be covered in this document.  If you choose to use Windows Server Backup, you should have Exchange 2007 Service Pack 2 or later installed so that the Exchange backup plugin is registered. You will also need to install Exchange Server 2007 Service Pack 2 or later on the new server in order to have the Exchange backup plugin available for the restore.

Using Windows Server Backup
 

  1. Start Windows Server Backup.
  2. In the Actions pane, click Backup Once…. The Backup Once Wizard appears.
  3.  On the Backup options page select Different options and then click Next.
  4.  On the Select backup configuration page select the type of backup that you want and then click Next:
    1. Select Full server (recommended) to back up all volumes on the server.
    2. Select Custom to specify which volumes should be included in the backup. If you select this option, the Select backup items page appears. Select the volumes to be backed up and then click Next.
  5. On the Specify destination type page select the location where you want to store the backup and then click Next. If Remote shared folder is selected, the Specify remote folder page appears. Specify a UNC path for the backup files and then do one of the following, to configure Access Control settings:
    1. Select Do not inherit, if you want the backup to be accessible only by a set of specified user credentials and then click Next. Type user name and password for a user account that has write permissions on the computer that is hosting the remote folder and then click OK.
    2. Select Inherit, if you want the backup to be accessible by everyone who has access to the remote folder and then click Next.
  6. On the Specify advanced options page select VSS full backup and then click Next.
  7. On the Confirmation page review the backup settings and then click Backup.
  8. On the Backup progress page, you can view the status and progress of the backup operation.
  9. Click Close, when the backup operation is completed.

Using a file copy backup
Note: This step is recommended as a second backup of the Exchange data in the event you plan on migrating the Messaging server to the same hardware in the unlikely event you are unable to restore the Exchange data from your primary backup method after the server is reinstalled.

  1. Start the Exchange Management Console.
  2. Expand Server Configuration and click on Mailbox.
  3. On the Database Management tab make a note of all the Database File Paths for all the Databases listed.
  4. View the properties of every Storage Groups listed and make a note of every Log Path and System Path.
  5. Stop the Microsoft Exchange Information Store service.
  6. Make a backup copy of all folders you noted in steps 3-4 to removable media or a location that will not be formatted when the Exchange server is reinstalled later in this document.
  7. ?

Install the Exchange Server

Using a copy of 64-bit Windows Server 2008R2 Standard Edition, install a new server. The server should be joined to the domain manually as a member server. Once the server is installed, apply all the Windows Service Packs and updates.

There is no requirement that the Messaging Server should be a domain controller. If you have additional DCs, it is not recommended making this server a DC. 

 
Install Exchange and Migrate Data
To install the Windows Server 2008R2 operating system prerequisites, for a computer that will host the Hub Transport, Client Access, and Mailbox server roles, use the Powershell interface:

  1. In Start menu run PowerShell as Administrator.
  2. In PowerShell windows type Import-Module ServerManager.
  3. Wait for the command to be completed and then type Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,Web-Asp-Net,Web-Client-Auth,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Logging,Web-Http-Redirect,Web-Http-Tracing,Web-ISAPI-Filter,Web-Request-Monitor,Web-Static-Content,Web-WMI,RPC-Over-HTTP-Proxy -Restart. This command will install all prerequisites needed by a typical installation of Exchange. After the command will be complete, the server will restart.

Install Exchange Server 2010

  1. Download and install Microsoft Office 2010 Filter Packs from http://go.microsoft.com/fwlink/?LinkId=191548 .
  2. Install Exchange Server 2010 from a media or a downloaded copy by lunching setup.exe in the root folder on the Exchange DVD or extracted folder.
  3. In Introduction window click Next.
  4. In License Agreement window check I Accept the terms in the License agreement and click Next.
  5. In Error reporting window click Next.
  6. In Installation type window select Typical Exchange Server Installation, check Automatically install Windows Server roles and features required for Exchange and click Next.
  7. In Configure Client Access server external domain check The Client Access server role will be Internet facing.
  8. In Enter the domain name you will use with your external Client Access servers type the name of your MX record (for example: mail.contoso.com).
  9. Click Next.
  10. In Customer Experience Improvement Program click Next.
  11. In Readiness Check that all requisites are installed (all checkmark must be green) and click Install.
  12. Review that all tasks has completed successfully and click Finish.

In this time, you must change the firewall and the DNS setting. Now the new exchange is ready to receive and send mails. This will be possible after you change the forwarding roles on your firewall. You must change forwarding roles for ports 25, 80 and 443 to messaging server IP.

Some changes in DNS are also needed. To do this follow the procedure:

  1. Open Start menu, Administrative tools and lunch DNS.
  2. In the left pane expand SERVER_NAME, Forward lookup zones (Where SERVER_NAME is the name of the DNS Server).
  3. Expand EXERNAL_DOMAIN_NAME and select A Record for the name of remote access – by default is remote and right-click properties (INTERNAL_DOMAIN_NAME is the name of RWW).
  4. Change the IP address with the address of the new messaging server.

Creating data and migrating users to the new Exchange server
First step to do is creating a new Offline Address Book:

  1. Open Start menu and open Microsoft Exchange Management Shell as Administrator.
  2. Type the command New-Offlineaddressbook -name “OAB_NAME”default global address list” -server “SERVER_NAME” (where OAB_NAME is the name of Offline Address Book and SERVER_NAME is the name of Messaging server).
  3. After the new OAB is created, it must be updated with the command Update-OfflineAddressbook -Identity “OAB_NAME”.
  4. At this point we must set this OAB as default OAB for Mailbox Database on Messaging server with the command Get-MailboxDatabase | Set-MailboxDatabase –offlineaddressbook “OAB_NAME”.

 

After the database is ready, you can begin moving Mailbox Location with pipeline Get-Mailbox -Server SBS_SERVER | New-MoveRequest -TargetDatabase “NEW_DATABASE” (where SBS_SERVER is the name of the SBS Server and NEW_DATABASE is the name of the Mailbox database on Messaging server). During the move operation, user will be able to send and receive mails, but when the operation is completed, he will be prompted to restart Outlook.

At the end they remain only public folders. You can move them simply with a script from the new Exchange server:

  1. Open the Exchange Management Shell as Administrator.
  2. Navigate to the folder <Drive>Program FilesMicrosoftExchange ServerV14Scripts (where <Drive> is the system drive).
  3. Run a PowerShell script .MoveAllReplicas.ps1 -Server “SBS Server” –NewServer “New Server” (where “SBS Server” is the name of the SBS Server and “New Server” is the name of the new Exchange server).
  4. Wait few days, that all fodders will be moved completely.

Migrate from SBS 2008 or 2011 (Part 3)

Migrate from SBS 2008 or 2011 (Part 5)

 .

Migrate from SBS 2008 or 2011 (Part 3)

Migrate SharePoint Data (Optional)

This step is an optional. If you are using SBS SharePoint, you might wish to migrate it. SBS deployments that don’t use this component, can skip this step.
You will be able to attach a content database to a destination server only if the version of SBS SharePoint is SP2 or later and the content database is prepared for migration.
To check the version of SharePoint, follow this steps:

  1. In Start menu go to Administrative tools and lunch SharePoint 3.0 Central Administration.
  2. Click on Operations in top menu.
  3. Click on Servers in farm on the left pane.
  4. On the right pane you can see the SharePoint version of Small Business Server. If it is SP2, the number must be at least 12.0.0.6421. For migration proposes it will be acceptable any version greatest of this one.

Before you begin with migration, it is necessary to verify upgrade readiness on SBS Server. Follow this steps:

  1. Open Command prompt as Administrator.
  2. Navigate to folder C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions12BIN, where C: is the name of the system drive.
  3. Run the Command STSADM.EXE -o preupgradecheck.
  4. Review the report located in C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions12LOGS and search for errors.
  5. If there are no errors, the site is ready to upgrade, otherwise correct all the errors.

On the new server install SharePoint Foundation following this steps:

 

  1. Download the package from http://www.microsoft.com/en-us/download/details.aspx?id=5970.
  2.  Run the downloaded package and click Install software prerequisites.
  3. On SharePoint preparation tool click Next.
  4. Accept EULA and click Next.
  5. It will take few minutes to complete all installation tasks. After this click Finish.
  6. Rerun the downloaded package and select Install SharePoint Foundation.
  7. Accept EULA and click Continue.
  8. On Choice the installation you want select Server Farm.
  9. It will take few minutes to complete the installation.
  10. On the Installation complete screen, leave the checkbox in Run configuration wizard and click Close.
  11. Complete the Configuration Wizard specifying your configuration.
  12. Click on Start, All Programs, SharePoint 2010 Products and lunch SharePoint 2010 Central Administration.
  13. In the Web Applications section click Manage Web Application.
  14. In the Ribbon click New.
  15. In Create Web Application window change those values:
    1. In the IIS Web Site section:
      1. Select Create a new IIS Web Site.
      2. In the Host Header box type your desired host name.
    2. In the Application Pool section:
      1. Select Create new Application pool.
      2. Select Configurable.
      3. Type the Account used for running the application pool.
    3. In the Database Name and Authentication section:
      1. In Database name type the desired name of the database (later will be removed).
  16. On the bottom of the page click OK.
  17. On the Application created screen, click the OK button.

To transfer content database to the new server, follow this steps:

  1. On SBS Server lunch SQL 2005 Management studio as Administrator.
  2. In Connect to Server window in Server Name type: \.pipeMSSQL$MICROSOFT##SSEEsqlquery and click Connect.
  3. Expand Databases and right-click on ShareWebDB, then click to Task, Backup…
  4. In BackUp Database window, under Backup destination, select Disk and click Add… to select backup file name.
  5. Click OK and wait the job to complete.
  6. Transfer the backup file to the new server
  7. On the new server run SQL 2008R2 Management studio as Administrator (or another version of the supported SQL server).
  8. Connect to desired instance and right-click on databases.
  9. Select Restore Databases…
  10. In Restore Database window add parameters do this:
    1. In To Database write the name of database to restore – ShareWebDB.
    2. In Source for Restore select From Device and use the button () to select the backup file of database.
  11. Click OK and wait that task complete.

To transfer content to new server we will use the attach database method. This could be done using this steps:

  1. Go to Start, All Programs, SharePoint 2010 Products and run SharePoint 2010 Management Shell as Administrator.
  2. In Shell type Test-SPContentDatabase -name ShareWebDB -WebApplication http://<SITE_NAME>:80 (where <SITE_NAME> is the name of the Web Application and ShareWebDB is the name of the transferred database).
  3. It is all normal, if you don’t have any output.
  4. In Shell type  Mount-SPContentDatabase -WebApplication http://<SITE_NAME> sharewebdb (where <SITE_NAME> is the name of the Web Application and ShareWebDB is the name of the  transferred database).
  5. Check in Internet Explorer for the availability of site http://<SITE_NAME>.
  6. Verify the migrated content by browsing the web site.
  7. On the web site go to Site Settings and select Visual Upgrade.
  8. In Visual Upgrade window, in Visual Upgrade section, select Update the user interface and click OK.

 

Migrate from SBS 2008 or 2011 (Part 4)

Migrate from SBS 2008 or 2011 (Part 2).

Migrate from SBS 2008 or 2011 (Part 2)

Environments with Limited Hardware Resources

This document assumes that most installations will have sufficient resources to bring up additional servers (physical or virtual) to complete the migration of SBS. It is highly recommended and very advantageous to perform the migration to three additional servers (physical or virtual). Another option is to decommission the SBS server role you do not plan to migrate in order to reallocate its hardware.

Install the server for new Domain Controller

Install a new server, using the Windows Server 2008R2 Standard Edition media. Assign to the server a static IP address. When prompted, join the existing domain. Before you can promote a new machine to a domain controller, you have to upgrade the AD schema using this steps:

  1. Go to SBS Server.
  2. Insert the Windows Server 2008R2 Standard Edition media. Click Start, locate the Command prompt and run it as Administrator.
  3. Navigate to <Installation media drive>sourcesadprep.
  4. Type adprep /forestprep and wait for completing the command. It could take a lot of time, depends on the structure of your AD.
  5. Type adprep /domainprep and wait for completing the command. It could take a lot of time, depends on the structure of your AD.
  6. Type Exit to close the Command prompt window.

Now you can return to new domain controller machine and promote it to a Domain Controller using the following steps:

  1. Open Server Manager. Click Start, point to Administrative Tools, and then click Server Manager.
  2. In Roles Summary, click Add Roles.
  3. If necessary, review the information on the Before You Begin page and then click Next.
  4. On the Select Server Roles page, click the Active Directory Domain Services check box and then click Next.
  5. If necessary, review the information on the Active Directory Domain Services page and then click Next.
  6. On the Confirm Installation Selections page click Install.
  7. On the Installation Results page click Close this wizard and launch the Active Directory Domain Services Installation Wizard (dcpromo.exe).
  8. On the Welcome to the Active Directory Domain Services Installation Wizard page click Next.
  9. On the Operating System Compatibility page review the warning about the default security settings for Windows Server 2008 and Windows Server 2008 R2 domain controllers and then click Next.
  10. On the Choose a Deployment Configuration page click Existing forest, click Add a domain controller to an existing domain and then click Next.
  11. On the Network Credentials page type the name of the SBS domain. Under Specify the account credentials to use to perform the installation click My current logged on credentials or click Alternate credentials and then click Set. In the Windows Security dialog box provide the user name and password for an account that can install the additional domain controller. To install an additional domain controller, you must be a member of the Enterprise Admins group or member of the Domain Admins group. When you finished providing credentials, click Next.
  12. On the Select a Domain page, select the domain of the new domain controller and then click Next.
  13. On the Select a Site page, select a site from the list or select the option to install the domain controller in the site that corresponds to its IP address. Then click Next.
  14. On the Additional Domain Controller Options page make the following selections, and then click Next:
    • DNS server: This option is selected by default so that your domain controller can function as a Domain Name System (DNS) server.
    • Global Catalog: This option is selected by default. It adds the global catalog, read-only directory partitions to the domain controller and it enables global catalog search functionality.
    • Read-only domain controller. This option is not selected by default. It makes the additional domain controller read only – it makes the domain controller a RODC. Leave this setting unchecked. If you do not have static IPv4 and IPv6 addresses assigned to your network adapters, a warning message might appear advising you to set static addresses for both of these protocols, before you can continue. If you have assigned a static IPv4 address to your network adapter and your organization does not use IPv6, you can ignore this message and click Yes, the computer will use a dynamically assigned IP address (not recommended).
  15. On the Location for Database, Log Files, and SYSVOL page click Next.
  16. On the Directory Services Restore Mode Administrator Password page type and confirm the restore mode password and then click Next. This password must be used to start AD DS in Directory Service Restore Mode (DSRM) for tasks that must be performed offline.
  17. On the Summary page review your selections. Click Back to change any selections, if necessary. To save the settings that you have selected to an answer file, that you can use to automate subsequent AD DS operations, click Export settings. Type the name for your answer file and then click Save. When you are sure that your selections are accurate, click Next to install AD DS.
  18. On the Completing the Active Directory Domain Services Installation Wizard page click Finish.
  19. You can either select the Reboot on completion check box to have the server restart automatically or you can restart the server to complete the AD DS installation when you are prompted to do so.

 Reconfigure Document Redirection, User home folders and Share location

Document Redirection is configured by default for new users, added through the SBS Administration Console.  The default share is \<SBS_SERVER>RedirectedFolders, which points to <DRIVE>:UsersFolderRedirections folder (where <SBS_SERVER> is the name of the SBS Server and <DRIVE> is the drive letter that the folder is located on). The settings for this policy are stored in the Small Business Server Folder Redirection Group Policy. By default, the “Redirect the folder back to the local userprofile location when the policy is removed” setting is set. With this setting in place, after the Group Policy is removed, clients will copy the contents of their Documents folder from the server back to their local workstation.

To stop Folder Redirection and copy data back to user workstations, follow this steps:

  1. Click Start, point to Programs, point to Administrative Tools, and then click Group Policy Management.
  2. In the Group Policy Management console tree, expand the domain tree, right-click on Small Business Server Folder Redirection Policy, and then click Edit…. 
  3. In the Group Policy Management Editor, right-click the Small Business Server Folder Redirection Policy [domain name] Policy object and choose Properties.
  4. In the GPO Properties dialog box, click the Security tab and then click on the Authenticated Users group.  Change the Apply group policy permission from the default of Allow to the Deny. Click OK to close the dialog.

The folder Redirection will be stopped the next time that a user processes this GPO. By default the object is cached on the user’s computer and will not be updated, unless another change is detected. To force an update, you must follow these additional steps:

  1. Create or modify a GPO that applies to the computers on which users, who are affected by folder redirection policies, log on.
  2. Edit the GPO. 
  3. Under Computer Configuration expand Policies and then Administrative Templates
  4. Under Administrative Templates expand System
  5. Under System select Group Policy
  6. Double-click the Folder Redirection policy processing setting.
  7. Select the option Enabled and then click to select the second check box Process even if the Group Policy objects have not changed.
  8. Exit the Group Policy Object Editor. Make sure that this new GPO applies to computer accounts for which users are using folder redirection.

For more information, see http://support.microsoft.com/default.aspx?scid=kb;EN-US;888203.

After you are sure, that all users are logged off and on (it is recommended, that you wait a day or two), you can reestablish redirection to the new machine. The settings for this policy are stored in the Small Business Server Folder Redirection Group Policy. By default, the “Redirect the folder back to the local user profile location when the policy is removed” setting is set. With this setting in place, after the Group Policy is removed, clients will copy the contents of their Documents folder from the server back to their local workstation.

To re-enable the Folder Redirection policy, follow this steps:

  1. Create the FolderRedirections share.
  2. Click Start, point to Programs, point to Administrative Tools, and then click Group Policy Management.
  3. In the Group Policy Management console tree expand the domain tree, right-click on Small Business Server Folder Redirection Group Policy and then click Edit….  
  4. On the left pane expand Small Business Server Folder Redirection Group Policy, Computer configuration, then Windows Settings and select Folder Redirection.
  5. In the right pane right click on the Documents (or some other folder you wish to redirect) and select Properties.
  6. On the Target tab, under Root Path, with Browse button, select the new SMB share for folder redirection (do not enter local path).
  7. Click OK for close the properties dialog box.
  8. Repeat steps from 5 to 7 for every redirected folder (it is highly recommended to control all listed folders to prevent future issues)
  9. In the Group Policy Management Editor right-click the Small Business Server Folder Redirection Group Policy [domain name] Policy object and choose Properties.
  10. In the GPO Properties dialog box click the Security tab and then click on the Authenticated Users group.  Change the Apply group policy permission from Deny to Allow. Click OK to close the dialog box.

Folder Redirection will be started the next time that the user processes this GPO. By default, the object is cached on the user’s computer and will not be updated, unless another change is detected. To force an update, you must follow these additional steps:

  1. Create or modify a GPO that applies to the computers on which users who are affected by folder redirection policies log on. 
  2. Edit the GPO. 
  3. Under Computer Configuration expand Administrative Templates
  4. Under Administrative Templates expand System
  5. Under System select Group Policy
  6. Double-click the Folder Redirection policy processing setting. 
  7. Select the Enabled option and then click to select the second check box Process even if the Group Policy objects have not changed.
  8. Exit the Group Policy Object Editor. Make sure that this new GPO applies to computer accounts for which users are using folder redirection.

Users home folders are configured by default for new users, added through the SBS Administration Console.  The default share is \<SBS_SERVER>UserShares, which points to <DRIVE>:Shares folder (where <SBS_SERVER> is the name of the SBS Server and <DRIVE> is the drive letter that the folder is located on). You must copy all content of all users folders to the new server with same permissions and change locations of users home folders in Active directory users and computers following this steps:

  1. On the new server create a root folder for Users home folder shares.
  2. Right-click on the folder and go to Properties.
  3. On the Sharing tab click Advanced sharing and check Share this folder.
  4. In Settings, Share name, type the name of the share and click Permissions.
  5. Give Allow full control permission to Everyone group.
  6. Use Robocopy command on SBS server to transfer all content and permissions of the folders:
    robocopy.exe <DRIVE>:UsersShares \<NEW_SERVER><NEW_DRIVE>$UsersShares /Z /R:5 /COPYALL /MIR /FP /LOG+:<DRIVE>:UserShares.log /TEE /XF UserShares.log (where DRIVE is drive letter, where shares are located, NEW_SERVER is the name of the new server and NEW_DRIVE is the destination drive letter on the new server).
    Example: robocopy.exe C:UsersShares \My_NewServerD$UsersShares /Z /R:5 /COPYALL /MIR /FP /LOG+:C:UserShares.log /TEE /XF UserShares.log
  7. Open Active Directory Users and Computers and go to MyBusinessSBSUsers Organization Unit.
  8. Select all active users, click on Properties.
  9. On Profile tab check Home Folder and select Connect.
  10. Select drive letter to connect home folder. In field To write: \<NEW_SERVER><SHARE_NAME>%username% (where <NEW_SERVER> is the name of the new server, <SHARE_NAME> is the name of the share of users home folders).
  11. Close all Windows with OK.
  12. Repeat all steps between step 8 and 10 for Organization unit MyBusinessSBSPowerUsers.
  13. Optional: it is recommended, on Users home folders on SBS Server, to change sharing permissions for Everyone group to Deny Full control (it is only to prevent any duplicate using of home folders).

Shared folders should be in SBS server configured thru SBS Console and are all visible there. You can do a migration of shared folders in two different ways, but you must pay attention, to move all of them and that users will not be able to write in both shared folders (the old and the new one) while the migration is going on.
First you must locate all of the shared folders:

  1. Go to SBS Administration console.
  2. Click to Shared folders and Web sites and go to Shared folders.
  3. Annotate all the shared folders locations and share names.

Now you have to move all data to the new server, but you must preserve all security and share permissions:

  1. On the new server create a new folder for share.
  2. Right-click on it and select properties.
  3. Click on Security tab and give to folder exactly the same permissions as those in the source folder.
  4. Click on Sharing tab, Advanced Sharing and type the name of the share (it is recommended, that is the same as old one).
  5. Click on Permissions and give to share exactly the same permissions as those in the source share.
  6. It is recommended that in this time you open properties of Share on the SBS server and change all share permissions from Allow to Deny (just for prevent users to modify content in share, during and after the migration).
  7. On the SBS Server run robocopy.exe <DRIVE>:<OLD_FOLDER> \<NEW_SERVER><NEW_DRIVE>$<NEW_FOLDER> /Z /R:5 /COPYALL /MIR /FP /TEE /XF /LOG+:<DRIVE>:ShareLog.log (where DRIVE is the drive letter where share is located, OLD_FOLDER is the folder of share on SBS Server, NEW_SERVER is the name of the new server, NEW_DRIVE is the destination drive letter on the new server and NEW_FOLDER is the folder of share in the new sever), to copy data to the new server.
  8. Repeat all steps for any shared folder.

 

Migrate from SBS 2008 or 2011 (Part 3)

Migrate from SBS 2008 or 2011 (Part 1).