Glad to be of help.
Essentially the process is that you have to upgrade your existing WINNT 4.0
Domain to an WIN2000 Active Directory Domain. naturally, you could do the
WINNT 4.0 to WIN2003 AD as well but you have stipulated that you wanted to
go to WIN2000! This is accomplished by upgrading your WINNT 4.0 PDC. If
any changes are desired then you would have to make it on the PDC before the
upgrade.
Most people do not care to have an upgraded domain controller. I would
suggest that you do the upgrade and then join that new Server to the domain
as an additional DC in an existing domain. I might even transfer all five
of the FSMO Roles ( Schema Master, Domain Naming Master, PDC Emulator, RID
Master and Infrastructure Master ) to the new, fresh WIN2000 DC - but give
everything some time. Make that a Global Catalog Server as well. Make sure
that this DC takes care of all the services ( DNS, DHCP, etc. ). Maybe
after a week or two - assuming that all goes well - you can run dcpromo on
the upgraded DC ( the one that was the WINNT 4.0 PDC ) to bring it down to a
Member Server. Then you can remove it from the domain and then format and
load a fresh install of WIN2000 on it and then dcpromo it again to a DC.
Naturally, you would need to make sure that any user folders/files were on
that machine were either transferred over to the other DC ( or other server
that has remained unmentioned ) or restored from backup ( and I would not
really want to rely on that unless you have tested it ).
Please be aware that any existing WIN2000 Professional systems might
authenticate ONLY against the upgraded DC. Take a look at the following
MSKB Article:
http://support.microsoft.com/default.aspx?scid=kb;en-us;284937
Now, your original post is open to interpretation. I re-read it and noticed
that I was a bit limited in my initial processing of your post. Sorry! If
you wanted to configure that new WIN2000 DC in a completely new domain /
tree / forest you could do that. You would then need to set up a trust
between that new AD Forest and the existing WINNT 4 domain ( take a look at
NETDOM for this ) and use ADMT v2 to migrate all of the accounts. This
would be another possible scenario for you. You would need to have NetBIOS
name resolution for the trust. This could be accomplished either with WINS
of with lmhosts files. Make sure that the WINNT 4.0 PDC and the WIN2000 DC
that holds the role of PDC Emulator can reach each other ( and since in your
WIN2000 AD you have only one DC that one is clear! ). I would suggest using
NETDOM to create the trusts between WINNT 4.0 and WIN2000. NETDOM is part
of the WIN2000 Support Tools. I would suggest that you use the Support
Tools from the WIN2000 Service Pack CD rather than from the WIN2000 Server
CD.
Take a look at the following link for some information on this:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/profwin/pw0402.asp
As you can see, you have several choices. I am just not sure that creating
a new domain / tree / forest would be the best path for you.
HTH,
Cary
