Appendix A - NetWare 3.x Migration
Updated: September 15, 2010
Applies To: Windows Server 2008 R2
NetWare 3.x services typically include file, print, and limited Internet services. NetWare 3.x environments use binderies to store user account and other resource information and are maintained on each server in the network. However, replication of account information is not provided. Individual implementations of bindery services normally include file and print services; however, older versions of messaging, applications, and databases might also be present that rely on NetWare 3.x services.
Migration of Bindery environments is simpler than migration of other Novell environments, because only a small number of services are subject to migration. Further, migration from NetWare Bindery to Windows Server 2008 R2 Active Directory is almost always desirable unless some specific application or service prevents the migration. Such scenarios could occur when you migrate an application such as Novell GroupWise. In this situation, some additional planning might be required.
If migration is not an option, you can implement interoperability easily at several levels. The Windows Server 2008 R2 operating system includes support for connecting to NetWare Bindery servers or for using MSDSS to synchronize accounts with the Windows Server 2008 R2 Active Directory.
Directly Migrating NetWare 3.x Accounts and Groups
To perform a direct (non-staged) Accounts and Groups migration from a Novell NetWare 3.x Server Bindery to the Active Directory using MSDSS on the Windows Server 2003 functional domain, follow these steps:
On the Windows Server 2003 R2 domain controller, with MSDSS installed, click Start, point to All Programs, point to Administrative Tools, and then click Directory Synchronization. MSDSS starts.
The MSDSS MMC snap-in appears with your Active Directory Forest name in parentheses on the title bar.
To open the New Session Wizard, in the MSDSS console tree, right-click MSDSS (Your Active Directory Forest Name), and then click New Session on the shortcut menu. The New Session Wizard starts.
On the Welcome to the New Session Wizard page, click Next to continue with the accounts and groups migration.
On the Synchronization and Migration Tasks page, choose the following three settings:
On the Synchronization and Migration Tasks page, in the Select NDS or Bindery list, click Novell Bindery.
Under Select a task, click Migration (from NDS or Bindery to Active Directory).
Under Select a task, select the Migrate Files check box. This will create the file migration log required by File Migration Utility.
The Migrate Files check box is selected. This setting does not force you to immediately migrate the files, but rather creates a text log file to be used later for the file migration when you are ready to migrate files. It is recommended that you select Migrate Files, even if the timeframe for file migration is not yet decided.
Your screen should look like this: !(images/Ff978896.b02f5bb4-8a99-4fea-84ee-26c896ceccc6(WS.10).gif)
If files are to be migrated with directory objects, you must select the Migrate Files check box. In a default settings installation of Windows Server 2003 and MSDSS, the file migration logs are placed in the %systemroot%\system32\Directory Synchronization\Session Logs folder. The file migration logs are sequentially named “1.txt; 2.txt; 3.txt, and so on.”
Record the Migrate Files log locations—you are prompted for the file names and their locations when you use File Migration Utility. (If you have not recorded them, you can search for them on the disk at that time.)
On the Active Directory Container and Domain Controller page, click Browse to select the Active Directory Container in which you want to place the migrated NetWare Users and Groups.
In the Select an Active Directory Container dialog box, browse to select the object container that will store the NetWare Users and Groups.
You cannot use MSDSS to migrate the NetWare Users and Groups into the Active Directory Domain Users object. If you have not already created the object container that the NetWare Users and Groups are to be placed into, you can do so now by opening the Active Directory Users and Computers MMC snap-in and creating it, and then re-opening the Select an Active Directory Container dialog box to select the new object container.
On the Active Directory Container and Domain Controller page, under Active Directory container, type the path to the Active Directory container to which you want to copy items, or click Browse to locate the container.
All sub-containers of the selected containers are copied.
In the Domain controller box, accept the default domain controller in which you want to store the migration log, or click Find to locate a different domain controller to store the log, and then click Next.
On the Bindery Container and Password page, click Browse to select the NetWare Bindery Server that you want to migrate.
In the Browse for bindery server dialog box, browse to select the bindery server that you want to migrate, and then click OK.
After you select the bindery server, the Bindery Container and Password page reappears. Click Next to continue.
In the User name and Password text boxes, type the Novell Administrator account and password that you want to use for synchronization, and then click Next.
On the Initial Reverse Synchronization page, click Password Options.
In the Password Synchronization Options dialog box, click the appropriate option, and click OK.
NDS and Bindery do not allow user passwords to be read. Therefore, you need to choose a password assignment scheme to specify how passwords are assigned in Active Directory once they have been migrated from NDS or Bindery.
For an extended description of the four password options, see the “MSDSS Password Management” section of this document.
On the Initial Reverse Synchronization page, click Next.
To complete the migration of NetWare Bindery User Accounts and Groups to Active Directory, on the Completing the New Session Wizard page, click Finish.
The Synchronize dialog box informs you when the migration is complete. For more information on the migration, click View Logs, or click OK to complete the migration.
To confirm the migration of accounts and groups, start Active Directory Users and Computers.
In Active Directory Users and Computers, click the Active Directory object into which the Accounts and Groups were migrated. Confirm their existence and their proper group memberships.
Close Active Directory Users and Computers.
Migrating NetWare 3.x Files to Active Directory
To migrate NetWare 3.x files to Windows Server 2003 R2 domain controller, follow these steps:
Start the File Migration Utility by clicking Start, point to All Programs, point to Administrative Tools, and then click File Migration Utility.
The server performs an initial check for connectivity and logon IDs.
Click Next to continue the file migration.
On the Migration Log Selection page, click Browse to select the migration log to use as the template for file migrations.
The migration log is the log file generated during the previous migration of accounts and groups.
In a default settings installation of Windows Server 2003 R2 and MSDSS, the file migration logs should be located in the *%systemroot%\\system32\\Directory Synchronization\\Session Logs* folder. The file migration logs are sequentially named “1.txt, 2.txt, 3.txt, and so on.”
On the Migration Log Selection page, select the Validate Active Directory maps check box, and then click Load Data.
This step confirms that the user mappings work with the file migrations. See the following screen shot for more detail.
To display the Novell to Active Directory user mapping, click View Maps.
Confirm the mappings, and then click the Close button.
To make adjustments to the Novell to Windows Active Directory permissions mapping, click Access Rights.
To increase the Modify permission mapping to include Read with Write, in the Access Rights dialog box, select the Write check box, and then click OK.
Because Novell file permissions do not identically map to Windows Server 2008 R2 file permissions, you have the option of changing the extent of rights that the Novell Modify file permission has.
By default, the Windows Read permission is made equivalent to Novell Modify. The Novell Modify command can also be made equivalent to the Windows Read with Write permission combination.
To skip the Security Accounts for Migration (Optional) page, click Next.
This optional page makes it possible for you to verify the NetWare Server you are attached to and change the NetWare supervisor account information you use to attach to the server. It also displays the Active Directory user account with which you are logged on to the Windows domain, makes it possible for you to change Novell login script behavior, and makes it possible for you to attach to the system via dial-up connections.
On the Source and Target Volume Migration page, browse for and select the NDS or Bindery source object and the Active Directory target object.
The following screen illustrates a partially expanded Novell Bindery to Active Directory migration screen. The left side of the screen shows the Novell NetWare 3.x Server SYS volume view, partially expanded. On the right side is the Active Directory Forest view, partially expanded.
If the Windows file share that you are migrating to is located on a domain controller or workstation, verify that the Domain Controllers check box and Workstations check box are selected.
If the Bindery volume you that select in the source tree indicates Unavailable, then you are not currently logged on to that Bindery server. Log on, and then continue with the migration.
Identify and select the appropriate source and target locations for each user to be migrated. After you select each user’s source and target directory, click the Map button in the center of the page.
In the View computers of type box, select the type of computer that the user’s files are migrated to. In the figure shown, the selections made for View computers of type (Domain Controllers and Member Servers) affect the selections shown in Target (Active Directory) box.
On the following screen, the Novell Server and Active Directory Forest is expanded, and the sample user ANNEPA’s source directory in NetWare and the Active Directory target directory are selected.
In this example, the source directory is user ANNEPA’s home directory; the target directory was created in a shared folder on a Windows Server domain controller before or during the migration process.
In the following screen, the source and target for the user ANNEPA have been selected, and Map has been clicked.
In the Migration order of maps box, confirm the data mapping that occurred.
Assume that after the user ANNEPA was mapped, two more sample users, DONHA and FUKIKOOG, have been mapped for migration by selecting both their unique source and target directories.
As the users are mapped, their data mapping information is displayed in the Migration order of maps field. The data mappings can be reordered or even deleted and remapped if necessary.
When all of the user mappings are complete, click Next to continue.
On the Log Settings (Optional) page, select the Enable logs check box.
It is recommended that you enable logging for the migration. You can then select other options, such as the file naming attributes. The results from the logs can be reviewed at a later time if needed.
Click Next to continue with the migration.
On the Source Files and Target Verification page, click Scan to confirm that the system is ready to migrate the files.
The system verifies that the target roots and source objects are valid, and that the target disks have enough space available. Although there is an option to bypass errors during a scan, it is not recommended that you use it on the first scan, if at all.
After the scan is complete and you have reviewed the results, click Next to proceed with the file migration.
On the Start Migration page, click Migrate to begin the file migration.
The following screen shows the results of a completed migration:
Review the results, and then click Next to finish.
On the Completing Migration with File Migration Utility page, review the results of the file migration, and then click Finish to close the utility.