Prepare to Migrate

 

Applies To: Windows Server 2012 R2

Migration of Network Policy Server (NPS) includes the following tasks:

Complete the steps or procedures in these sections to prepare your environment for migration.

If the server running NPS will be joined to a domain, membership in the Domain Admins group, or equivalent, is the minimum required to complete this procedure. If the server running NPS is not domain joined, membership in the Administrators group, or equivalent, is required. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

Choose a migration file storage location

First, choose a location where migration files will be kept.

To choose a storage location

  1. Select a file storage location where migration files will be kept. The storage location can be a network share that is accessible by both the source and destination server, or portable media that can be transferred from one server to another.

Prepare your source server

Follow these steps to prepare an x86-based or x64-based server running Windows Server 2003, Windows Server® 2008, Windows Server® 2008 R2, Windows Server® 2012, or Windows Server 2012 R2 for NPS migration.

To prepare the source server

  1. Determine the domain, server name, IP address, and passwords on the source server.

  2. If the source server is domain joined, determine the group membership of the source server in Active Directory Domain Services (AD DS), including security group and OU membership. This can be done using the Active Directory Users and Computers console (dsa.msc) or Server Manager on a domain controller.

Prepare your destination server

Follow these steps to prepare an x64-based destination server running Windows Server 2012 R2 for NPS migration.

Scenario 1: Prepare the destination server using the same host name and IP address

  1. Install Windows Server 2012 R2 on the destination server.

  2. If the source server host name is used by RADIUS clients or remote RADIUS server groups, name the destination server with a temporary server name, for example: TempNPS.

  3. If the source server IP address is used by RADIUS clients or remote RADIUS server groups, assign a different temporary static IP address to the destination server.

  4. If the source server is domain joined, add the destination server to the domain of the source server. Configure AD DS group membership settings on the destination server that are identical to the source server, including security group and OU membership.

  5. Install the NPS role service using the steps provided in Install Network Policy Server (NPS) (https://go.microsoft.com/fwlink/?LinkId=169633).

  6. If the source server has non-Microsoft authentication methods installed, then install same authentication methods on the destination server using your vendor documentation before importing the source server configuration.

  7. If the source server has extension DLLs installed, install the same extension DLLs on the destination server before importing the source server configuration. For more information, see Setting Up the Extension DLLs (https://go.microsoft.com/fwlink/?LinkId=169632).

  8. If the source server has non-Microsoft SHVs installed, then install same SHVs on the destination server using your vendor documentation before importing the source server configuration.

Scenario 2: Prepare the destination server using a different host name and IP address

  1. Follow the same steps as provided for scenario 1, replacing the temporary server name with the new destination server host name, and assigning a permanent static IP address.

The destination server is now prepared for migration.