sbs2003 migration questions.

A

atomiser

Gawd
Joined
Jun 12, 2004
Messages
619
hi there,

ok, so it looks like we've got one of our clients with a troublesome setup to go for some new hardware and a fresh installation of sbs2003. result! i have a couple of questions regarding what we are about to undertake though.

we are essentially going to start from scratch with a proper design and new installation. one issue that we have though is that in the short term we are going to need to leave the old server 'online' because it hosts an application reliant upon an sql database. once they are happy with the new sbs setup we will then arrange for the old server to be flattened and then it will be freshly re-installed as a member server just hosting the application.

i don't want to do too much to the old server for fear that we might break it as at the moment its mission critical. the new installation of sbs is going to see the network re-addressed becase at the moment it clashes with most soho environments so remote access to the network via vpn often causes them problems. the new ad will be configured with a different internal domain name. the most i really want to do with the 'old' server is disable dhcp and re-address it. can i get away with this? there is no need to transfer any roles from the previous server or anything because it will effectively become defunct.

the other issue is that ideally i want to leave all the shared folders on the old server and have them only move 'current' data into the new folder structure because there is *lots* of 'chaff' in there. we can then archive the remaining data for them before we flatten the old server. the problem is that all the permissions have been played around with so its a bit of a nightmare. is the easiest way around this to remove all the shares to blow away the previous permissions setups and then to reshare them just allowing the 'everyone' group full access for the period of the migration?

another area of concern is email. a week or so before we start the migration we are going to get their incoming email handled via a smart host a) to control the horrendous amount of spam they receive at the moment and b) so we dont lose any email during the cut over. can't believe they don't have this already! i don't really want to do any transfer of the old exchange system to the new for fear of transferring any nasties in the old system. we may even consider changing their email domain name because at the moment they have one for email and another for their website. can i, therefore, just export all their email/calendar/to-do lists etc into outlook .pst files - flatten the pc's - join them to the new sbs network - and then import their mail from the exported .pst files? will this then be squirted into their new mail file on the new sbs network and therefore be available via outlook web access etc? any other approaches to this problem?

i think thats about it for the time being, but no doubt there will be more as we do the planning for this.

many thanks, andy.
 
From skimming this thread in a minute...the only concern I would have, is this SQL based application that you want to keep going.

Two SBS boxes won't naturally get along on the same network. DHCP service will fail on one of them...OK..no biggie, could disable that on the old one...long as the server names are different, and different IP addresses of course..and they could co-exist. Can't have trusts between SBS...but you could still access shares on the other through Admin or matching user accounts.

Will they need constant multiple access to this? Or just leave the old box and perhaps 1x workstation still hooked up to it for legacy lookups for a while?

Transferring files...what I do...is snag an old workstation...or I'll leave a huge chuck of the new servers hard drive...as a FAT partition. Copy all the files from the old server..over to this FAT partition. Any NTFS permissions are dropped once it lands on a FAT partition.From there..copy to the new server..they're squeeky clean. ;) When I'm done with that FAT partition if it's on a partition on the new server..simply use partitioning software to merge it into whatever 2nd NTFS paritition I wish..once I format it.

Alternatively...you can "take ownership" once you copy all the files over..if you bring them onto an NTFS partition. If it's users folders..can bring them over user by user...copying them into the appropriate place..and the new servers permissions will ripple down into them correctly.

E-Mails...yes....before you disjoin the old domain with the workstations..export their e-mails to PSTs. Place the PSTs in a neutral location like C:\Download\Stuff on the workstations...once you join the domain and setup Outlook to their virgin profile...import from PST. Done! It's all there. Any public folders..you can do the same steps from an account with Admin privies.

As far as the mail hosting/DNS segway...DNS will take a while to replicate across the internet..I try to do this beginning on a Friday..and give it the weekend to mostly get around. Any e-mail still going to their old host for a while...don't kill that account for a week or two..you can still log into their old e-mail via direct address of server name or IP address..and fetch their mail.
 
Thanks YeOlde...

RE: The two SBS servers co-existing, yeah I'm aware they won't play nicely together if they were both trying to serve for the same domain - the computer name and the internal ad domain name will be completely different. We'll disable the DHCP server on the 'old' one and in theory all should be fine. The servers co-existing is purely a temporary measure - the plan is to flatten this as soon as they are happy with the new setup and all the data is migrated, at which point it will be freshly re-installed and added as a member server to the SBS network purely to host the app.

RE: Transferring files, the issue were going to have here (which we experienced the other day, grrr!) is that the permission have been messed with at the *server* level as opposed to just the *shared folder* level so even as the administrator of the system we don't have full access to everything locally at the moment...this means that we are going to struggle to copy stuff off the server. I'd love to hear of any utilities that would allow us to take ownership of every folder/file again...then your suggestion of temporarily moving to a non-permissions based file system temporarily to 'start afresh' sounds like a grand idea.

RE: Email, glad to hear that simply re-importing their PST files will populate their mail file on the new server as I was really worried about this. I will have a dry run of this on my test environment first just to be 100% confident - more in my own ability rather than the software!

RE: Smarthosting/DNS, I think what we will probably end up doing is keeping the same email domain name, migrating them via a Smarthost to the existing server and then when we want to cutover we will just change the port forward on the router to point to the new SBS server. Sound like a reasonable idea?

Thanks!

Andy.
 
With the permissions....one thing you can do ahead of time...is just take ownership of that root directory (or directories) that these files are in...on the old server..ahead of time. I wouldn't do it on the entire partition..just in case some system directories are on there..such as infostore, etc. But on the root folder of the shares themselves..such as "Users", or "CompanyShare", etc. Right click..drill down in the permissions..take ownership..and hit that checkbox to apply to all folders/subfolders/etc. It can take a while if there's a lot of junk.

Another thing I do ahead of time..before doing a large file transfer from a server...is run checkdisk on the data partition..and then a defrag. It sucks if there's a corrupt file or two that bungles up a large file transfer after an hour of copying. Plus doing a defrag helps cut down on time. Also to help on cutting down on time...whack real time file protection on the antivirus when doing the transfer. If there is no gigabit switch around onsite...bring along your own little 5 port model...they're cheap enough these days, for 55 bucks can snag a cheap 5 port model. The time savings is worth it for you.

I'm still not clear on what the e-mail setup is. What are they currently doing right now? POP3? Or direct via DNS?
 
thanks for the top tip on taking ownership. im fairly surely the current server has everything installed to c:\ so all the junk on d:\ is quite literally that. i think we will do a piecemeal approach of applying it to some folders and copying the data across, then do some more, rinse and repeat approach.

they've got themselves a nice procurve 2650 switch (probably the *one* thing thats been done properly in the place!) so both servers will utilise the dual-personality gig copper ports - file transfers should be fine and dandy.

the email setup is all done directly via dns, apart from one of the directors who - in addition - has an additional legacy pop3 account with a provider. the pop3 connector on sbs is just pulling these down on his behalf and then dropping it into his exchange mailbox for him. it's a gash setup because if ever the internet connection or server were to be offline they just lose email. the sooner we can get incoming mail done via a smarthost the better!
 
Shouldn't be a problem flipping their e-mail then. The POP3 connector always helps in bringing over legacy e-mails. Flipping hosts...that should also go smoothly. For "clients" who send them mail..that haven't gotten their DNS updated yet with the new IP address of the smart host..will simply keep forwarding mail directly to the SBS box. Over a week or so this should stop...as even the most remote of clients on the poorest and slowest updated ISP DNS servers are usually caught up within a couple of weeks. You can then lock her down more..and put an ACL on it to only accept SMTP (I do it on both the router..and within Exchange itself) from your smart host...helping you feel the Exchange box is even more secure.

When the internet connection is down..or the Exchange server is down...mail still queues up for it even without a smart host for a bit..there is a "retry" period by default. So unless it's a long period of time that it's down...rarely is mail actually "lost". But a smart host is still desired.
 
yeah im hoping the email migration will go smoothly...the sooner we get them behind a smarthost the better...the one email address they have published on their website - the inbox for that account was hit with 1900 spam messages over the weekend...ouch! they are having the website redesigned at the moment so i think ill also suggest a contact form rather than a published email address.

i have a couple more queries about the take ownership part of the migration, but i will get some sanitised screenies from the server before i ask them otherwise i will just confuse you!
 
atomiser said:
yeah im hoping the email migration will go smoothly...the sooner we get them behind a smarthost the better...the one email address they have published on their website - the inbox for that account was hit with 1900 spam messages over the weekend...ouch! they are having the website redesigned at the moment so i think ill also suggest a contact form rather than a published email address.
Click to expand...

Now's the time to have the website people "Encode" the mail link...so it's much more immune to the harvesting spiders. Rather than the old fashioned "Mailto:" link that the spiders add to their lists, when you right click and go to properties. :cool:
 
Just Google encode email link

If you can right click an e-mail address on a web page...and see the "mailto:[email protected]"....it's on the menu for harvesting bots.

Encoding typically puts it into javascript so it will appear as

script type="text/javascript" language="javascript">
<!--
ML="l.@jencot";
MI="374267701548";
OT="";
for(j=0;j<MI.length;j++){
OT+=ML.charAt(MI.charCodeAt(j)-48);
}document.write(OT);
// --></script

which is more useless to them.

A quick and easy service that the website guru can quickly do..doesn't stop spam immediately..but it cuts down on quite a few future spam as your website and contacts aren't being added to spam lists nearly as much.
 
yeah i had a quick google, and found a website that encoded it for me into something that wasn't 'human readable' but then proceeded to post it as an example without first thinking duhhhh the website will just interpret it correctly! that said, the example you have provided is obviously using a different method so ill look into it further. thanks for the suggestion, you're a font of knowledge!
 
You must log in or register to reply here.
Back
Top