Windows – How to replace a Windows server with minimal problems for admins and users


This weekend we replaced a Windows server that was a few years old with a new one. Despite having imported computers and users from Active Directory on the old server to the new one (with loss of passwords, but that is not very important), the whole experience was close to a nightmare.

The PCs were not recognized by the server, people could not log in (something about "computer not in security database of server"? I forgot the exact wording.). We had to:

  1. Remove each PC from the domain by adding it to a workgroup instead (on the PC, not on the server)
  2. Add the PC back to the domain, and restart it
  3. For Windows 7, it also required that we remove the old entry for that computer from Active Directory on the server, or we'd get a conflict saying that the computer name was already in use. (For XP that was apparently not necessary.)

That's not the end of it: when the user logged in, a new profile was generated on the PC, complete with new settings and a new "My Documents" folder, with loss of (Outlook) email as a result.

Trying to Google for this problem, the only solution we found was precisely what we did. Which is just way too impractical.

Okay, because we have more server upgrades planned, I have to ask: did we overlook something? Is there an approach that we can take, preferably on the server itself, so all users can still just log in from their PC (possibly with a temporary password), and retain all their personal data (settings, my documents, …) that was stored on it?

p.s. The old server was Windows Server 2003, the new one is Windows Server 2008 (upgraded to R2), if that makes a difference.

Best Answer

You absolutely overlooked something. You should have added your new server as an additional domain controller to your old domain, then switched over DNS, then demoted the old one. Your AD would have been up throughout the transition, and your user database (including passwords and everything else) would still be alive. I would very much recommend that you read up on Active Directory before your next transition.

Oh, and you wouldn't even have to touch your computers, as long as they got IPs from a DHCP service.
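The answer's sequence (add the new server as an additional domain controller, switch DNS, demote the old one) only keeps machine accounts and passwords intact if the new controller is fully in service before the old one is demoted. The following read-only pre-demotion check is an added example, not part of the original answer; `OLD-DC01`, `NEW-DC01` and `corp.example` are placeholder names, and it assumes a domain-joined machine with the AD DS tools (`netdom`, `repadmin`) installed and an elevated PowerShell 2.0 or later session.

```powershell
# Added example: read-only checks to run before demoting the old domain controller.
# $OldDC, $NewDC (short host names) and $Domain are placeholders, not values from the page.
param(
    [string]$OldDC  = 'OLD-DC01',
    [string]$NewDC  = 'NEW-DC01',
    [string]$Domain = 'corp.example'
)
$problems = @()

# 1. Every FSMO role must already have been moved off the old server.
$held = @(netdom query fsmo | Where-Object { $_ -match [regex]::Escape($OldDC) })
if ($held.Count -gt 0) {
    $problems += "FSMO roles still on ${OldDC}: " + ($held -join '; ')
}

# 2. Replication must be failure-free, or the new DC may lack accounts and passwords.
$failed = @(repadmin /showrepl * /csv | ConvertFrom-Csv |
    Where-Object { ($_.'Number of Failures' -as [int]) -gt 0 })
foreach ($f in $failed) {
    $problems += "Replication failing: $($f.'Source DSA') -> $($f.'Destination DSA') ($($f.'Naming Context'))"
}

# 3. DNS must advertise the new DC in the locator SRV records clients use to find a DC.
$srv = nslookup -type=SRV "_ldap._tcp.dc._msdcs.$Domain" 2>$null
if (-not ($srv -match ('svr hostname\s*=\s*' + [regex]::Escape($NewDC)))) {
    $problems += "$NewDC is not listed in _ldap._tcp.dc._msdcs.$Domain"
}

# 4. This computer's existing machine account must authenticate against the new DC.
#    A failure here is the "trust relationship" symptom that forces a domain rejoin.
try {
    if (-not (Test-ComputerSecureChannel -Server "$NewDC.$Domain" -ErrorAction Stop)) {
        $problems += "Secure channel to $NewDC.$Domain is broken"
    }
} catch {
    $problems += "Secure channel test against $NewDC.$Domain failed: $($_.Exception.Message)"
}

if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
    Write-Output "Do not demote $OldDC yet."
    exit 1
}
Write-Output "All checks passed: $OldDC holds no roles and $NewDC is serving the domain."
```

Nothing in the script changes directory state, so it can be rerun after each step of the transition until it reports no problems.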