Preparing Your Network Infrastructure for Windows 2000
Preparing Your Network Infrastructure for Windows 2000 |
|
Some companies will plan an incremental deployment of Windows 2000 into their production environment, while others will plan for a complete migration to the new system. By installing Windows 2000 on a few servers in your organization, you can maintain your existing Windows NT 4.0 domain and trust relationships within the Windows 2000 domain framework, and give your company time to become familiar with Windows 2000 operations and concepts. For more information about migration strategies, see "Determining Domain Migration Strategies"in this book.
Windows 2000 is designed to work within a Windows NT 4.0 network. Windows NT 4.0 workstations, using the NTLM protocol, can send network authentication requests to any Windows 2000 domain controller acting as a domain controller in a Windows NT domain. Trust relationships are easily established between Windows 2000 domains and Windows NT 4.0 domains, supporting authentication between domains. When deploying Windows 2000, you do not need to migrate all of your Windows NT 4.0 domains to Windows 2000 at the same time.
When you upgrade a domain to Windows 2000, you need to upgrade the primary domain controller in a given domain first. Then upgrade the backup domain controllers in that domain to Windows 2000 domain controllers at your own pace. Then add the domain to the Active Directory tree. You can upgrade member servers and client computers independently from your domain upgrade strategy, but if no Windows 2000 domain controller is installed, these computers will not have access to Active Directory or other advanced features.
When you upgrade a domain controller, as in most network-related operations, have a plan to roll back your changes if something goes wrong. One of the tasks you should perform to prepare for a domain controller upgrade is to bring current and then isolate a backup domain controller, so it can act as a recovery domain controller. For more information about preparing a recovery domain controller, see "Determining Domain Migration Strategies"in this book.
If a Windows 2000 domain controller is functioning within a domain containing Windows NT backup domain controllers, the total number of objects (users, user groups, and computers) in that domain should not exceed the recommended limit for Windows NT domains of 40,000.