Moving Active Directory domain 1

[melbert2002]

Hello all,
I have a little issue here. I need to move my current domain to a new one. I have another server that is built with 2003 R2 and is pretty much a blank slate. Here is what I want to do. My current Domain is DOMAIN01, I want to change that to NEWDOMAIN on the new machine. I just want to make sure that I can transfer the current users to the new domain correctly without recreating the accounts or changing passwords, once thats done, Im going to change the internal IP address from 192.xxx.xxx.xxx to 10.xxx.xxx.xxx.

Just wondering if there are any big issues that I have to worry about with this kind of move.

 

[dearingkr]

You'll probably want to use the Active Directory Migration Tool (ADMT).

See the link below:

http://technet2.microsoft.com/Windo...eee8-440e-8620-b29bbf3996641033.mspx?mfr=true

MCSE CCNA CCDA

 

[LWComputingMVP]

Issues? Like besides the severe disruption of work and the hassle in getting ADMT to work properly? And having to setup many things all over again?

Why not just rename the existing domain and change the IP addresses?

 

[melbert2002]

The issue with that is that I need to transfer the AD to a new server. The old one is pretty old and is running out of room on the HDD. I know about the possible disruption of service, and that is really not a problem Im starting on a Friday night and working on it all weekend. In general, Im just wondering about any gotcha's that there may be, or if there are any good books or documentation on doing this.

Thanks

mel

 

[pagy]

Do you have to have a new domain name?? Why can't use just add your new server into your current domain and then dcpromo it to a domain controller, you can then transfer all FSMO roles and any DNS, DHCP to the new DC.

As the new server is R2 you will need to run forestprep and domain prep on your existing domain from the 2nd r2 CD.

If you have to a new domain name you could do the above and the rename when you are on the new hardware

Paul

MCSE 2003

"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
Albert Einstein

 

[LWComputingMVP]

Thanks pagy,

That's exactly my question - why reinvent the wheel when all you need to do is EXACTLY that - add the new server as a DC in the existing domain.

If your existing DC is Windows 2000 you should review several links to make sure everything is ok... if it's 2003, then you really only need to run ADPREP on the second R2 cd as pagy says.

Also, why is the first system running out of space? Most often, I find people are mismanaging the server, having data files on the C: drive where they really don't belong. Even if that's not the problem... again, why not just upgrade?

 

[LWComputingMVP]

To be clear - I mean upgrade the domain and add a second DC - not upgrade the existing server.

 

[melbert2002]

AHHHHH...I see what your getting at. So all I need to really do is add the server to the domain add the current users and promote it. Cool deal.

As for my reasoning, here is the deal: currently our website (production) domain is MYDOMAIN and the office domain is MYDOMAIN01, I am trying to clean things up a bit and my boss is keen on separating the production system name from the office name, so there is no confusion (fair enough). We are also adding another office with its own domain and we are going to have a trust between the two.

As for the hardware. With 100GB for 50 users to include backup DB's and Development files and other office stuff. I am taking the existing DC, rebuilding it and sending it to the smaller office with 20 users and a little more HDD space and RAM.

Thanks for all the help

Mel

 

[LWComputingMVP]

WHY would you use a trust and a separate domain? That just creates more management needs. Why not just put them in the same domain and create an OU for the remote site. Define the two sites in Sites and Services and use DFS if necessary for your files.

Again, is your existing server 2000 or 2003? You can also rename the domain. And before you do ANY of this, take your copies of 2003/2000 from TechNet Plus and setup a test environment, using virtual machines if you need to. Any time you make a major network change - ESPECIALLY if you don't have any practical experience doing it in the past - you should first do it in a test environment to better SEE what happens and what issues you might face. If you can, use Acronis and image your existing DC to a VM and do it with an image of your existing network so you can get the most accurate test experience possible.

 

[pagy]

Yep, do exactly as lwcomputing says and put the remote office in the same domain and use an OU for the remote site, it makes administration and management so much easier.
Unless you have a specific reason for not wanting them in the same domain??

Paul

MCSE 2003

"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
Albert Einstein

 

[melbert2002]

Well the reason I need two domains is politics. The external office is really a separate company. So THEY want the domain with their name.

Thanks for all the help with this.

Mel