Microsoft, ARG!!!
So I manage a network for a living. I'm a "Network Administrator" according to my business cards. I think my title should be "Technology Whipping Boy" or perhaps "Technology Babysitter". I basically do anything and everything computer related for a small (less than 150 employees) scientific research company. Now I love my job as much as I think is healthy but sometimes I'm driven to the brink of sanity.
When I was hired two years ago the company had 6 Windows NT 4.0 servers and around 100 NT 4.0 workstations. That's right, the entire company was running on a 7 year old OS/NOS. First to go were the NT40 workstations.
I started there because I couldn't buy any new hardware! You try running the onboard NIC of virtually any motherboard out there on NT40, good luck. Not to mention that lack of USB support was crippling for virtually any peripheral. New people would actually laugh when I told them they couldn't use their USB flash drives, they thought I was some kind of security Nazi and that I wouldn't let them use it. I developed a standard set of PC and Laptop images using SYSPREP and Ghost. Then the big Windows XP rollout occurred...100+ clients later NT40 was almost completely eradicated.
Now the much more daunting task of upgrading the NOS infrastructure. The intent was to upgrade to Server 2003 and re-use all the existing server hardware. This is a less then ideal situation but my old HP NetServer LC2000 servers were capable of handling 2003. I decommisioned one of the NT40 BDCs and used it for my first Windows 2003 AD server. With AD in place and a 2-way trust between it and the old NT40 domain I could begin my migration. I purchased two Dell 745N NAS boxes for bulk storage and used them to offload my existing NT40 file servers. The 745s can hold 1TB each, are very fast and extremely simple to manage I would recommend these for people that have large data stores that are relatively static. With the file servers relieved of their file serving duties they could transition to new roles as AD Domain Controllers and intranet web servers.
Finally the only NT40 servers left were my PDC and my Exchange 5.5 server. I didn't have the budget to migrate to Exchange 2003 at the time so that server had to stay NT40 and connect to AD via Microsoft's ADC tool. This actually works better than you would think and allows for you to manage the old Exchange message store and account info via Active Directory.
At this point I began migrating user accounts into the new domain. Over a period of two weeks I had all my users logging into the new domain. From the end user view, the change was very minimal and the impact on their work was non-existent. Once all the users are migrated you can break the Trust and decommission that last NT40 PDC. I would recommend you wait a couple of months to unplug that box because I promise that you will have missed something. Infrequently used accounts, obscurely assigned rights and nested groups come to mind. Once you break the trust or decommission the old NT40 PDC any rights assignments that you didn't migrate will cease to exist.
That's a VERY basic descritption of what is involved. I don't consider this an easy process and wouldn't recommend that you undertake it lightly (I've got 10 years of supporting Novell, NT40 and Windows 2000 networks). However, it is easier than the NT40>Windows 2000 process was. Microsoft does deserve credit for creating some free tools that make this process MUCH easier in migrating to Windows 2003. Of course those tools exist because the majority of the NT40 community sat out the Windows 2000 generation and Microsoft wants the money that those upgrades represent.
Essential Migration tools:
ADC (if Exchange is involved)
ADMT (Active Directory Migration Tool for user accounts, groups, ACLs, etc)
ACT (Application Compatibility Toolkit for those ancient NT40 apps)
Heroin (this process will make you want to chase the dragon:)
