RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 27 Sep 2005 17:39:19 -0700
First bad assumption - don't build your forest structure around ISA -
build ISA into the forest structure. Design your AD before you worry
about your edge.
You can adapt the ISA deployment to that later.
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Danny [mailto:nocmonkey@xxxxxxxxx]
Sent: Tuesday, September 27, 2005 16:06
To: [ISAserver.org Discussion List]
Subject: [isalist] 2000 to 2004 Possible Upgrade Scenarios with Seperate
ISA AD Forest
http://www.ISAserver.org
Environment:
Servers: Windows 2000 SP4
AD: 2000 forest/domain from old NT 4.0 migration
ISA: 2000 SP2, separate forest, one and only DC, with trust to other
forest
Clients: Windows 2000 Pro SP4 & XP SP2 - some with firewall client
Goal: Implement new Windows Server 2003 Standard and ISA 2004 Standard
Server to replace current without decreasing security posture.
Possible implementation scenarios that comes to mind (in no particular
order of preference):
1) Install 2004 in its own new 2003 based forest (only one DC would be
available hardware-wise), create a trust between production domain
(the one users actually log into), mirror the ISA 2000 config, somehow
point the clients to the new server, break the old ISA 2000 trust, and
kill that forest and server.
2) Add the new 2004 server to the ISA forest, mirror the ISA config,
retire the old ISA server, and rename the 2004 server to original.
3) Install 2004 as a member server of the 2000 production domain,
somehow point the clients to the new ISA server, retire the old ISA
2000 trust, forest, and server.
I hope that I explained everything well enough, as the ISA 2000 server
is dying, and tomorrow night may be our only window of opportunity in
the next few weeks to perform the upgrade.
Thank you!
...D
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
