Changing forests

Posted on 2001-06-27
Last Modified: 2010-04-13
I purchased a new server, installed Active Directory and had it join my existing forest as an additional Domain Controller.   I setup users and security policies.  I would like to move these (server, users, and policies) to a new forest, and take down the old forest, without losing the users and security policies that I have created.  If there is a way to backup the policies and users, that solution would work for me as well, because then Active Directory could just be removed/installed again.  Thank-you
Question by:stavesacre
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 6232760
You can use the Backup utility in 2000 to backup the system state with backups up the active directory and other critical system files.
LVL 12

Accepted Solution

Housenet earned 100 total points
ID: 6233447
stavesacre as you probably know, no tools exist that will make this easy for you.. You can export & import users using ldifde, it does not do the password though.

-This article has a command line example to export users. I tried it, it works.
-Policies is a whole other issue. I dont know of a tool that can export the domain policy, or domain security policy to a different forest.. allows you to import & export to the same domain.. I dont think it would help you but you might as well be aware of its existance..
-You might have to go the long way, which is.. Look at a policy... Go to a catagory...right click ->export ... or note the settings in the policies on paper manually.

Expert Comment

ID: 8237066
Dear questionner/expert(s)

No comment has been added lately, so it's time to clean up this TA.
I'll leave a recommendation in the Cleanup topic area that this question is to be:

- Answered by: Housenet

Please leave any comments here within the next seven days.



Cleanup volunteer


Expert Comment

ID: 8280142
Finalized as proposed


Community Support Moderator
Experts Exchange

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question