righto. i cant get onto MSN atm so this is my next best option to ask beefy/sks/tb :D

what i'm trying to do is convert a site from an NT domain to W2k3(AD). 98% of the workstations are XP. what obviously is going to happen is that all the profiles etc are going to be re-created etc etc. hence as massive issue when its about 200 workstations. not fun.

i've spend a lot of time trolling around on the net trying to find a solution to this issue and have found only 2 plauseable solutions. 1. is some scrips that someone has written that copys the data / re-names folders etc in a logon script which would require me to take the whole network offline for longer then needed anyway because i would have to login as a different user on EVERY machine (permission wise). the other is some program that looks like it would work, but for it to run from a logon script its $2 per workstation (cheep i know, but free is better :D ).

ADMT doesn't do exactly what i want it to either. it will do half the work but it dosen't do the profile work.

has anyone around here had any exp. with what i'm talking about?
in short - installing new domain server > AD > need XP not to create new profile for new domain as it does.

cheers!

if you dont follow what i mean i'll try to clarify but you get the jist.

First question - for the upgrade, are you using existing servers, or does it involve setting up new servers and migrating existing data from the old ones?

new server

Read through this and see if it makes sense - http://forums.msexchange.org/ultimatebb.cgi?ubb=get_topic;f=21;t=000623

You could also check out RoboCopy, I've heard good things about that.

I'm just stabbing in the dark here, I haven't don't much server migration before, except with Novell.

EDIT: Are you actually doing this, or is it all theory for a course?

cheers - yeah doing it - just trying to make it less painfull and less time consuming. it would take a week to copy to setup of the hunderds of users :-/ not to mention the profile renaming....


EDIT: yeah i read that site - has good info and much the same is found all over the place. but i cant seem to find a definate answer if the profiles / settings / etc etc will be all find and the profiles wont be re-made on the XP machines...

Could you set up a tempoary 'backup domain controller' and transfer profiles via that?

You may not need to actually take the network offline to complete it all then.

(I don't do servers much, so I may be way off)

If they are paying you then is time really a factor?

cheers -
thats what will have to happen with the user lists etc. but when i say profiles i mean the users profiles on the XP / 2000 workstations themselfs.

when you log a PC onto a domain it creates a new user profile. usually if its just one machine can you can use functions within XP to copy the profies around and your set (the user has his own background / settings / menus / programs etc etc back) other wise, if you dont copy it back, it just goes back to what u've set as default for the machine without all the user-end customisatinos such as desktop icons.

thats the problem - i can move accross the user lists into AD - thats easy. its the XP / 2k profil issue on the workstation that will take painstakingly long unless an easyer solution is around. as for the time taken - customers dont like offline for 5mins let alone a whole day if not more.

Ahh.. I see. You're talking about roaming profiles... Can't you just copy them over to the new server with Robocopy? If you copied over the user structure as it was, then it should still associate with the profile, assuming it's in the right place.

if you are using roaming profiles, and keep the users directorys in tact (ie. drive mappings and stuff are all correct) then it shouldnt be a problem, when the users log in they will draw their profile from their profile storage folder

there are a couple of tools to do mass changes to user properties and stuff in AD once ur upgraded

im confused by what ur asking tho coz u say you are changing the domain - are you saying that you are moving users to a fresh domain or doing an in-place-upgrade of an existing domain

EDIT: if you follow an in-place upgrade path it should be fine, ie.
1- full os backup of live server
2- upgrade live server to a 2k or 2k3 server and then convert to AD.
3- join new server to domain
4- move all master operations to the new server
5- demote (dcpromo) old server to leave only the new server
6- run mass user property changing tool (nfi what it is actually called) to alter the profile paths to match the new share on the new server

if you are changing the domain name somehow then thats a completely different thing...


is there an exhange server involved at all in this setup? and its not SBS servers at all?

Damo would I be right in saying that ur talking about the locally stored profiles, not roaming ones like beefy said?

eg c:\documents and settings\<<username.domain>>

if it's local account / profiling, then the easiest way (I imagine) would be to turn on roaming on the existing server, get a copy of all the profiles on the server, then when you swap over and people log in again their profiles will be there.

Then again, with local profiles, why do you need to change anything? The machines will, in essence, be logging to the same domain / tree as before, and should be able to use the local profiling fine.

Umm i kinda see his problem beefy, If he's got a lot of users, copying all profiles then linking them back up manually would be a bastard, and roaming profiles aren't always the best way to go.

If you add a login script to the administrator account that xcopies all of the documents&settings folder accross onto the server would be a quick and nasty way so you could link it up to roaming profile on new server. Still 2 messy tho, mite also hav probs with permissions.

Hav a look at this -
http://www.windowsitpro.com/Articles/Print.cfm?ArticleID=26356

You mite be able to adapt for your needs.

Have a think about kix scripts 2, they're powerful but takes a bit to get your head round em.

it all depends on a few things, are you changing the actual domain name, are you using roaming profiles?

i think what beefy is suggesting - if ur using local profiles only - is a prefectly fine solution. enable roaming profiles for all the users and have them log on which will backup their profile to the server share that u specified, then move the profile storage to the new server..

the only thing with a profile folder is that the user account that created the folder that contains the profile must be the "owner" of the folder for it to work thats the only permission related issue i could think of.

EDIT: i had a look at that page manny suggested, its more for copying existing profiles onto a new pc, it would be v.difficult to change it to work in a scenario of changing domain name, which would lead to new SIDs and stuff

i dont see there to ever be a problem with roaming profiles, if the profile settings are important they should be roaming. if the user has a lot of large files in their my documents which causes the profile to be big, then they should have their my docs folder pointed to a network share... imo anything that is important enough shouldnt be stored on the local pc anyways

things like that can be handled in default configurations on networked pcs, so that users 'my docs' are pointed elsewhere and temp internet files aint included in the roaming profiles (these 2 parts should make a profile near small enough for it to be perfectly usable)

oh and definitely - no matter what - take the time to learn kix scripting!

I'm kinda looking at things from a Novell point of view, so my guesses are probably off for a Windows environment. It all depends how the server is set up in terms of storing user data as to how you want to go about it.

Yeah i totally agree roaming profiles are probly the best solution, just thawt he wasnt keen on the idea thats all.

And dont 4get you can do my docs folder redirection etc. all thru group policy, as well as really do cool stuff wit securing your PC's settings from user's playing (sum times i luv gp so much i want 2 marry it... erm yes... i mean... thats to say... arrrrrrggg....*slapped by girlfriend*)

You will have to add a security group from AD to each individual PC that everyone belongs to as a local administrator if you want to be able to fully roam your profiles and be able to run certain programs properly though (eg. VET autosetup in login scripts).

mmm i guess its a little hard to explain on the forums ey.

i think what we'll end up doing is start from stratch and do it the way its ment to be done - roaming profiles. although the task will be massive in the long run it will cause less problems when things like workstation upgrades / replacements come along. is it really as simple as "turning roming profiles on" and bam we're all set to roll? if i turn them on, will it copy the users data from c:\..\ to the server?

none the less - cheers for the suggestions ppls - pretty much every road i go down there is a "doesn't work everytime" or "you need this this and this running also" so all in all, its probabily going to go up shit creek when we're trying something that's not 100%. not fun. i dont particlary want to spend lots of time on something only to find in the end it didn't work.

it comes down to the ability to move across teh SID's to the new domain, even with things like ADMT and scripts, trying to do such a thing is going to be a nightmare as as wel know - you cant have two servers on the same network with the same hostname / domain tree. so however we come to do it - its going to be fun :D

oh and it looks like i'm finally going to have to do what i've been putting off for a long time - learn a programming language - Kix here i come...

yeah if you set the profile storage options for each user account, they log onto a pc with their customised profile and when they log out the profile will be written to their directory.

the only time a diff profile is created is if the domain name changes or the users sid changes... i think profiles even survive if a pc is removed/joined back to a given domain

im assuming you wanted to do the harder part that we were talking about - setting up a new server as an AD clone of the existing network..?

anyways, get their profiles roaming first then look to move/upgrade to AD...