2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
- From: Danny <nocmonkey@xxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 27 Sep 2005 19:05:49 -0400
Environment:
Servers: Windows 2000 SP4
AD: 2000 forest/domain from old NT 4.0 migration
ISA: 2000 SP2, separate forest, one and only DC, with trust to other forest
Clients: Windows 2000 Pro SP4 & XP SP2 - some with firewall client
Goal: Implement new Windows Server 2003 Standard and ISA 2004 Standard
Server to replace current without decreasing security posture.
Possible implementation scenarios that comes to mind (in no particular
order of preference):
1) Install 2004 in its own new 2003 based forest (only one DC would be
available hardware-wise), create a trust between production domain
(the one users actually log into), mirror the ISA 2000 config, somehow
point the clients to the new server, break the old ISA 2000 trust, and
kill that forest and server.
2) Add the new 2004 server to the ISA forest, mirror the ISA config,
retire the old ISA server, and rename the 2004 server to original.
3) Install 2004 as a member server of the 2000 production domain,
somehow point the clients to the new ISA server, retire the old ISA
2000 trust, forest, and server.
I hope that I explained everything well enough, as the ISA 2000 server
is dying, and tomorrow night may be our only window of opportunity in
the next few weeks to perform the upgrade.
Thank you!
...D
Other related posts:
