Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setting up a trust

Status
Not open for further replies.
sbertram

sbertram

MIS
Aug 30, 2007
25
US
Hi here is my question. I need help to setup a trust between two domains. Right now I have about 90 PCs going to one domain lets call it abc.com(server 2000). I just setup a new DC and it has the domain name of let’s call it 123.com(server 2003 64 bit).

The plan is to setup a trust, once the trust works then I want to move machines from the old domain which is abc.com to the new one which is 123.com. Then when all the PCs have been moved to 123.com I want to shut down the old DC and the abc.com domain and wipe that DC clean. What steps do I take to get these domains to trust each other?
Thanks

 
Sort by date Sort by votes
I suggest you review the domain migration cookbook. In order to do this properly, you need to establish a trust (2 way is best), set up ADMT, then you can begin the process...

-Brandon Wilson
MCSE:Security00/03
MCSA:Messaging00
MCSA:Security03
A+

 
Upvote 0 Downvote
Hi ADGod can you give me a link to the domain migration cookbook?
Thanks
 
Upvote 0 Downvote
I second the use of ADMT. Check this out: support.microsoft.com/kb/326480

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
Hi one issue we have here is out AD users are all messed up. The computer that is the DC beofre my time was used as a file server and got viruses on it and has had them removed. There are some users with in AD we can not delete becuase we get all kinds of strange messages. SO i do not want to use ADMT becuase of this. Will things get messed up if i just setup the trust and do not use ADMT?
thanks
 
Upvote 0 Downvote
ADMT can be used JUST for your computers as you stated above. User accounts need not be migrated if not needed. (you will be making new ones in your clean environment.) ADMT will help automate the computer migration to help ease your pain.


_______________________________________
I hope any help I give leads to great successes.
MCSE, MCSA, MCTS, CCA, VCP, CCNA
 
Upvote 0 Downvote
ok sounds good. Do you have any tips on easy way to handle PC profiles when i do move people over?
 
Upvote 0 Downvote
Without using ADMT...They will all have new profiles.Have them move all their documents to their network share so that they will be available once moved over. You will need to change permissions on those folder to include their new AD accounts. (Why most admins love using ADMT to migrate user accounts with SID history to access old network documents.) Otherwise, XP and Vista have built in File and Settings Transfer wizard under system tools that will make life easier, but you will have to touch each machine.


_______________________________________
I hope any help I give leads to great successes.
MCSE, MCSA, MCTS, CCA, VCP, CCNA
 
Upvote 0 Downvote
I will try to use ADMT as much as i can to move over profiles. Do you have a link i can use so i can read up on how to use ADMT?
Thanks
Steve
 
Upvote 0 Downvote
cool thanks for the help.
I will be back if i need more help.
Have a good one
 
Upvote 0 Downvote
Check out ForensIT.com. They have a tool for migrating profiles between domains. It is available for a free trial and works great.

For your user accounts, I don't know how many you have, but I would create the new ones with VBScript to get them done in bulk quickly.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
WAIT WAIT WAIT

If you are getting "strange errors" when deleting users, you may still in fact be infected. DO NOT TRUST THE AV TO REMOVE IT ENTIRELY.
I have seen MANY instances where a virus simply hides from the AV, believe it or not, or tricks it by allowing itself to be deleted, but not before replicating itself to another file.

What is the EXACT error you recieve when migrating.

YOU DO NOT WANT TO INTERCONNECT THESE SYSTEMS WHEN THERE IS A POSSIBILITY OF VIRAL INFECTION OR YOU RISK BRINGING THE SAME INFECTION INTO YOUR OTHER SYSTEMS!!!!!!!!!!!

-Brandon Wilson
MCSE:Security00/03
MCSA:Messaging00
MCSA:Security03
A+

 
Upvote 0 Downvote
Hi ADGod it is not so much errors durng the migrating. Just genral strange erorrs such as the one in the attachment.
 
Upvote 0 Downvote
the attachment doesnt seem to be working. Whats the error you get for this statement you made: There are some users with in AD we can not delete becuase we get all kinds of strange messages.


-Brandon Wilson
MCSE:Security00/03
MCSA:Messaging00
MCSA:Security03
A+

 
Upvote 0 Downvote
Hi when i try to delete this one computer account (the rest of the accounts delete fine)it says " object DR-DEV-09 is a contaniner and contains other objects. Are you sure you want to delete object dr-dev-09 and the objects it contains
 
Upvote 0 Downvote
ok go into adsiedit.msc, then look up the computer account, then tell me what the userAccountControl value is.

Better yet, if you know how, provide a verbose ldifde or csvde dump of the object....

-Brandon Wilson
MCSE:Security00/03
MCSA:Messaging00
MCSA:Security03
A+

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

techbrain1
  • Locked
  • Question
Trust relationship issue 1
Replies
3
Views
250
araheusaff
araheusaff
Scparks
  • Locked
  • Question
Trouble with setting up a SMTP Relay to Office 365
Replies
0
Views
93
Scparks
Scparks
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
264
DrB0b
DrB0b
mangentle
  • Locked
  • Question
What could be the potential causes if a Microsoft Windows Server is experiencing slow network!
Replies
1
Views
385
gbaughma
gbaughma
ADB100
  • Locked
  • Question
Single Windows 7 Ultimate workstation not applying Registry, Drive Map or Printers GPO settings
Replies
1
Views
144
technome
technome

Part and Inventory Search

Sponsor

Back
Top