0

I have an existing W2003 Domain, simple setup with one DC and a SQL Server (approx 100 users). There are issues with Windows 7 Clients and login scripts and we're now seeing much greater numbers of Windows 7 users turning up as they upgrade their PC/Laptops.

What I want to do, is add another Server with W2008 on it, and authenticate the Windows 7 Clients - but leave the W2003 server running as is - to prevent disruption to the network and the existing WinXP users.

Is it possible?

Any advice as to how do this, without major disruption to the W2003 network?

spelk
  • 87
  • 1
  • 4
  • 10

1 Answers1

0

It sounds like you're wanting a completely separate domain for the Windows 7 clients. Why?

Windows 7 clients can authenticate against a 2003-based domain with no problem whatsoever. You'll only be overcomplicating things by separating the two client OS platforms. If you're having problems with your Windows 7 clients running login scripts, I would wager that these problems could be fixed without having to make any changes to your infrastructure.

That said, if you want some additional redundancy for your domain, you can add a Windows 2008-based Domain Controller to a 2003 domain. Before you can add the DC, you'll need to prepare the domain and forest first using adprep and forestprep, which are on the Windows 2008 DVD.

Chris McKeown
  • 7,128
  • 1
  • 17
  • 25
  • The problem we're having is that Windows 7 clients are not running the login scripts properly, and the drives/printers are not being mapped. Our VBS login script is attached to the Default Domain GPO and Windows 7 clients have issues processing the script (I think it's down to tighter security measures). The original plan was to simply upgrade from a W2003 DC to a W2008 R2 DC, but I didn't want to risk disrupting an already very stable network. I thought by adding new hardware, and W2008 R2 addresses the issues for W7 clients, we could avoid any major disruption. – spelk Jun 12 '12 at 10:05
  • 1
    You don't need to add a 2008 R2 DC to take advantage of features like Group Policy client side preferences for mapping printers. In addition, you could shift the problem script into a different GPO that only applies to OUs with your pre-Win7 clients. Adding new hardware to fix a problem like this (instead of finding the root cause and fixing that), is overkill in my opinion. Besides, unless you segregate your Win7 clients into a separate domain, the login script will still get executed. – Chris McKeown Jun 12 '12 at 10:25
  • I'm with Chris, solve the problem. Adding a subdomain will only add unnecessary complication to the environment. Win 7 should work fine with Win2k3. On the other hand, why not pursue upgrades of your DCs while you are at it. There are plenty of reasons to do so. – uSlackr Jun 12 '12 at 13:10
  • It sounds like adding a W2008 DC into the W2003 Network is as much work and disruption as is attempting an upgrade of the original W2003 DC to W2008 anyway. I wonder if its possible for the transfer of the AD to a new W2008 DC box, and then demote the W2003 DC to just a file server? We're purchasing the new hardware, regardless of how I do this. Would this be a viable route to take? – spelk Jun 14 '12 at 13:24
  • Yes, you could add a new 2008 DC, allow the directory to replicate, move the FSMO roles off the old server and then demote it. – Chris McKeown Jun 14 '12 at 13:47