Microsoft KB Archive/884453

= How to install Small Business Server 2003 in an existing Active Directory domain =

Article ID: 884453

Article Last Modified on 12/3/2007

-

APPLIES TO


 * Microsoft Windows Small Business Server 2003 Standard Edition
 * Microsoft Windows Small Business Server 2003 Premium Edition

-



INTRODUCTION
This article describes how to install a Microsoft Windows Small Business Server (SBS) 2003-based computer into an existing domain that does not currently have an SBS server.

Warning You should use the steps that are described in this article as an outline for how to install a new SBS 2003 computer in an existing domain to maintain the existing Active Directory directory service infrastructure.

You should not use this article to add an SBS 2003 computer to a network where there is an existing SBS 2000 or SBS 2003 domain controller for migration purposes. For that, use the migration white papers. To view the migration white papers, visit the following Web sites:

SBS 2000 to SBS 2003:

http://go.microsoft.com/fwlink/?LinkId=16414

SBS 2003 to SBS 2003:

http://technet2.microsoft.com/WindowsServerSolutions/SBS/en/library/62e2094e-ad4e-4227-b20e-97a716ed7c861033.mspx

This article does not intend to provide a migration solution. However, if you use the steps in this article to join an existing domain that already contains an SBS 2003 computer or an SBS 2000 computer, you will have to demote the existing SBS server by manually running Dcpromo.exe to remove the computer from the domain. This retirement process must occur within 7 days of adding the new SBS 2003 computer to the domain or the new SBS 2003 computer may display warnings and shut down periodically.

The following conditions must be true after you install the new SBS 2003 computer in an existing domain or the new SBS 2003 computer may display warnings and shut down periodically:
 * The new SBS 2003 computer must be a domain controller that is installed on the root of the domain.
 * The new SBS 2003 computer must hold all the Flexible Single Master Operation (FSMO) roles.
 * The new SBS 2003 computer must be a global catalog server and must be the licensing server.
 * There must not be any existing domain trusts or child domains.
 * Only one SBS server can exist on the domain. If SBS 2003 is installed, no other SBS 2003 or 2000 server can be installed on the same domain.
 * You must complete the SBS Integrated setup on the new server and install the proper number of SBS Client Access Licenses as required. Failure to meet these conditions may cause the SBS 2003 server to shut down or be in an unsupported state.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

842690 List of components that are included in Windows Small Business Server 2003



MORE INFORMATION
To install a SBS 2003 computer in an existing Active Directory domain, follow these steps:  On a Windows 2000 domain, you must prepare Active Directory before you install the SBS 2003 computer in the domain. For more information about how to install a Windows Server 2003 domain controller into an existing Windows 2000 forest, click the following article number to view the article in the Microsoft Knowledge Base:

278875 Dcpromo.exe and Winnt32.exe log errors when you create a Windows Server 2003 domain controller in a Windows 2000 domain or forest or when you upgrade a Windows 2000 domain controller that resides in a Windows 2000 forest to Windows Server 2003

 Start the installation of SBS 2003 by inserting CD 1 into the CD or DVD drive. When the operating system is installed and the computer restarts and continues with the integrated Setup program, click Cancel to stop the integrated Setup program.

Note You must cancel the integrated Setup program at this point. If you continue with the integrated Setup, you cannot join the SBS 2003 computer to the existing domain. On the SBS 2003 computer, configure a static IP address on the network card and make sure to configure DNS to include the existing server that hosts the Active Directory zone.

Note You can ping other computers on the network by using their Fully Qualified Domain Names (FQDNs) after you complete this procedure. Run the Dcpromo.exe program on the SBS 2003 computer to join the existing domain.

Note Do not create a new forest and do not create a child domain.  Click Start, click Run, type dcpromo, and then click OK. Click Next two times.</li> Click Additional Domain Controller for an existing domain, and then click Next.</li> Enter the credentials for the domain administrator account, and then click Next.</li> In the Domain name area, type the FQDN for the Active Directory domain namespace that you want to join, and then click Next. For example, type contoso.local. If you are not sure of the FQDN, you can click Browse to select the correct domain.</li> Click Next to accept the default locations for the Database and Log folders.</li> Click Next to accept the default locations for the shared system volume.

Note If you have to change the location of the shared system volume, you must select an NTFS file system volume.</li> Type the Directory Services Restore Mode administrator password, and then click Next.

Note This is the password that you would use in Directory Services Restore Mode or when you use Recovery Console.</li> On the Summary screen, click Next to start the Dcpromo.exe program. This process may take several minutes.</li> Click Finish to complete the Dcpromo.exe program, and then click Restart Now.</li> Log on to the computer after it restarts and confirm that the computer has been successfully promoted to a domain controller. To do this, click Start, click Run, type cmd, and then click OK.</li>  At the command prompt, type gettype, and then press ENTER. The output should read as follows:

<pre class="fixed_text">Host Name: ServerName

Name: Windows Server 2003 for Small Business Server

Version: 5.2 Build 3790

Role: Domain Controller

Components: Not Installed </li></ol> </li> Install the DNS server service. To do this, follow these steps: <ol style="list-style-type: lower-alpha;"> Click Start, point to Control Panel, and then click Add/Remove Programs.</li> Click Add/Remove Windows Components.</li> In the Windows Components list, double-click Networking Services.</li> Click to select the Domain Name System (DNS) check box, and then click OK.</li> Click Next, and then click Finish.

For additional information about how to configure a DNS server, visit the following Microsoft Web site:

http://technet2.microsoft.com/windowsserver/en/library/4E1C7B17-16AB-4E7D-A333-15BEFB15C82E1033.mspx

</li></ol> </li> <li>Promote the SBS 2003 computer to a global catalog server. To do this, follow these steps: <ol style="list-style-type: lower-alpha;"> <li>Click Start, point to Administrative Tools, and then click Active Directory Sites and Services.</li> <li>Expand Sites, expand Default-First-Site-Name, expand Servers, expand your SBS 2003 computer, right-click NTDS Settings, and then click Properties.</li> <li>Click the General tab, click to select the Global catalog check box to assign the role of global catalog to this computer, and then click OK.</li> <li>Open Event Viewer to the Directory Services event log and wait for event 1119 or 1869 with a description that states that this domain controller is now a global catalog.</li> <li>Restart the computer.

Note Do not restart the computer or remove any other global catalog servers until you receive event 1119 or 1869. If you do this, it will cause adverse effects as there will be no global catalog servers available to process requests.</li></ol> </li> <li>After the new computer is successfully promoted to a global catalog server, remove any other global catalog servers in the domain. To do this, follow these steps: <ol style="list-style-type: lower-alpha;"> <li>Click Start, point to Administrative Tools, and then click Active Directory Sites and Services.</li> <li>In the console pane, expand Sites, and then expand Default-First-Site-Name.</li> <li>Expand Servers, expand any computers other than your SBS 2003 computer, right-click NTDS Settings, and then click Properties.

Note You may have to repeat this step more than one time if more than one computer is listed, other than the SBS 2003 computer.</li> <li>On the General tab, click to clear the Global catalog check box to assign the role of global catalog to this computer, and then click OK.

Note If the Global catalog check box is not selected, go to step 8.</li> <li>Restart any computers where you removed the global catalog server role.

Note Wait for the account and the schema information to replicate to the new global catalog server.</li></ol> </li> <li>Transfer the FSMO roles to the SBS 2003 computer. To do this, follow these steps for each FSMO role: <ol style="list-style-type: lower-alpha;"> <li>Transfer the Relative ID (RID) Master role. To do this: <ol> <li>Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.</li> <li>Right-click your organization name, click All Tasks, and then click Operations Masters.</li> <li>In the Operations Masters dialog box, click the RID tab.</li> <li>In the Operations Masters dialog box, click Change.</li> <li>Click Yes to confirm that you want to transfer the role, and then click OK.</li></ol> </li> <li>Transfer the PDC Emulator role. To do this: <ol style="list-style-type: lower-alpha;"> <li>Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.</li> <li>Right-click your organization name, click All Tasks, and then click Operations Masters.</li> <li>In the Operations Masters dialog box, click the PDC tab.</li> <li>In the Operations Masters dialog box, click Change.</li> <li>Click Yes to confirm that you want to transfer the role, and then click OK.</li></ol> </li> <li>Transfer the Infrastructure Master role. To do this: <ol style="list-style-type: lower-alpha;"> <li>Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.</li> <li>Right-click your organization name, click All Tasks, and then click Operations Masters.</li> <li>In the Operations Masters dialog box, click the Infrastructure tab.</li> <li>In the Operations Masters dialog box, click Change.</li> <li>Click Yes to confirm that you want to transfer the role, and then click OK.</li></ol> </li> <li>Transfer the Domain Naming Master role. To do this: <ol style="list-style-type: lower-alpha;"> <li>Click Start, point to Administrative Tools, and then click Active Directory Domains and Trusts.</li> <li>Right-click Active Directory Domains and Trusts, and then click Operations Master.</li> <li>In the Change Operations Master dialog box, click Change .</li> <li>Click Yes to confirm that you want to transfer the role, and then click OK.</li> <li>Click Close to close the dialog box.</li></ol> </li> <li>Transfer the Schema Master role. To do this: <ol style="list-style-type: lower-alpha;"> <li>You can use the Schema Master tool to transfer the role. However, the Schmmgmt.dll file must be registered to use the Schema Master tool as an MMC snap-in. To register Schmmgmt.dll, click Start, click Run, type regsvr32 schmmgmt.dll, and then click OK.

Note You receive a message that confirms that the registration was successful.</li> <li>Click Start, click Run, type mmc, and then click OK.</li> <li>Click File, and then click Add/Remove Snap-in.</li> <li>In the Description area, click Add.</li> <li>Click Active Directory Schema, click Add, and then click Close.</li> <li>Click OK.</li> <li>Right-click Active Directory Schema, and then click Change Domain Controller.</li> <li>In the Select DC area, click Specify Name, type the name of the SBS 2003 computer, and then click OK.</li> <li>Right-click Active Directory Schema, and then click Operations Master.</li> <li>In the Change Schema Master dialog box, click Change.</li> <li>Click Yes, click OK, and then click Close.</li></ol>

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

324801 How to view and transfer FSMO roles in Windows Server 2003

</li></ol> </li> <li>Move the site licensing server to the SBS 2003 computer. To do this: <ol style="list-style-type: lower-alpha;"> <li>On the SBS 2003 computer, click Start, point to Administrative Tools, and then click Active Directory Sites and Services.</li> <li>Expand Sites, and then click Default-First-Site-Name.</li> <li>Right-click Licensing Site Settings, and then click Properties.</li> <li>Click Change, type the name of the new SBS 2003 computer in the Enter the object name to select area, and then click OK.</li> <li>Click OK to close the Licensing Site Settings Properties dialog box.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

273475 Licensing in Windows 2000 and differences with Windows NT 4.0

</li></ol> </li> <li>Wait for the new Active Directory objects to replicate to the SBS 2003 computer. The time this takes depends on the Active Directory size and on network performance. You can view the Directory Service event log to verify that replication has completed successfully. The SBS 2003 integrated Setup program may not continue if replication has not completed or if replication has failed.

To test replication, you can create a new test user on a domain controller and after several minutes confirm the object has been replicated to the SBS 2003 computer. You can also force replication from a domain controller. To do this: <ol style="list-style-type: lower-alpha;"> <li>On the SBS 2003 computer, click Start, point to Administrative Tools, and then click Active Directory Sites and Services.</li> <li>In the left pane, expand Default-First-Site-Name, expand Servers, and then expand the domain controller that you want to replicate from.</li> <li>Click NTDS Settings. One or more objects are listed in the right pane. One of those objects is a link to the domain controller you want to replicate from. To see the &quot;friendly&quot; name of the object, right-click the object and view the name. Right-click the domain controller object, and then click Replicate Now. The replication is performed immediately.</li></ol> </li> <li>Change the DNS settings on all domain controllers to point to the new SBS 2003 computer as the primary DNS server. To do this, follow these steps.

Note Follow these steps on all domain controllers in the Active Directory, including the SBS 2003 computer. <ol style="list-style-type: lower-alpha;"> <li>Click Start, point to Control Panel, point to Network Connections, right-click the internal network connection, and then click Properties.</li> <li>Click to select Internet Protocol (TCP/IP), and then click Properties.</li> <li>Change the preferred DNS server. Type the IP address of the SBS 2003 computer as the preferred DNS server. Also, make this change on the SBS 2003 computer.

Note The alternative DNS server can point to the previous preferred DNS server as long as it is a server that hosts the Active Directory zone.</li></ol> </li> <li>On the SBS 2003 computer, insert the SBS 2003 CD 1 into the CD or DVD drive and continue with the integrated Setup of SBS 2003 and its components.</li> <li>If you already have Microsoft Exchange Server installed in the organization, the integrated Setup installs Exchange Server into the existing organization. If you already have an Exchange 2003 Server or an Exchange 2000 Server in your organization, and you plan to retire that Exchange Server, you can move the mailboxes and public folders to the new Exchange 2003 Server before you retire the old Exchange Server. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

822931 How to remove the first Exchange 2003 Server computer from the administrative group

To move the mailboxes and public folders, follow these steps: <ol style="list-style-type: lower-alpha;"> <li>On the existing Exchange Server in the organization, open Exchange System Manager. To do this, click Start, point to All Programs, point to Microsoft Exchange, and then click System Manager.</li> <li>At the top of the tree in the left pane, right-click the  icon, and then click Properties.</li> <li>Click to select the Display administrative groups check box, click to select the Display routing groups check box, and then click OK.</li> <li>Expand the Recipients container, and then click Recipient Update Services.</li> <li>Double-click each entry, and then enter the name of the new Exchange Server that is running on the SBS 2003 computer in the Exchange server area.</li> <li>Expand Administrative Groups, expand  , expand Routing Groups, and then expand First Routing Group.</li> <li>Click Connectors, right-click your SMTP connector if it is present, change the server that is listed in the Local bridgeheads area to the new SBS 2003 computer, and then click OK.</li> <li>In the left pane, under First Routing Group, click Members.</li> <li>In the right pane, right-click the new SBS 2003 computer, and then click Set as Master.</li> <li>In the left pane, expand Administrative Groups, expand  , expand Servers, and then expand the Exchange Server that existed before you added the new Exchange Server on the SBS 2003 computer.</li> <li>Expand First Storage Group, expand Mailbox Store, and then click Mailboxes.</li> <li>Select all the mailboxes, right-click the mailboxes, and then click Exchange Tasks.</li> <li>In the Exchange Task Wizard, click Move Mailbox, and then click Next.</li> <li>Click to select the new SBS 2003 computer in the Server list, and then click Next.</li> <li>Specify how you want the Move Mailbox procedure to handle corrupted messages, and then click Next two times to re-home all the mailboxes to the new SBS 2003 computer.

Note This procedure also re-homes the public folders to the new SBS 2003 computer.</li> <li>Click Finish.</li> <li>As soon as replication is successful, remove Exchange Server from the computer that is to be retired. If the computer that is to be retired is also a domain controller, run the Dcpromo.exe program to remove this computer from the domain before you physically retire it.

Note You must instruct all Exchange Server users to point to the new Exchange Server.

If a domain controller is physically removed and the Active Directory Installation Wizard (Dcpromo.exe) is not run first to demote the domain controller to a member server, the computer object still exists as a domain controller in Active Directory. The previous computer object must be removed from Active Directory. For more information about how to manually remove the configuration data for the domain controller from Active Directory, click the following article number to view the article in the Microsoft Knowledge Base:

216498 How to remove data in Active Directory after an unsuccessful domain controller demotion

Note Before you physically retire any domain controller on the network, make sure you demote the domain controller by using the Dcpromo.exe program.</li></ol> </li></ol>

Keywords: kbhowto kbinfo KB884453

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.