Changing forests

Posted on 2001-06-27
Last Modified: 2010-04-13
I purchased a new server, installed Active Directory and had it join my existing forest as an additional Domain Controller.   I setup users and security policies.  I would like to move these (server, users, and policies) to a new forest, and take down the old forest, without losing the users and security policies that I have created.  If there is a way to backup the policies and users, that solution would work for me as well, because then Active Directory could just be removed/installed again.  Thank-you
Question by:stavesacre

Expert Comment

ID: 6232760
You can use the Backup utility in 2000 to backup the system state with backups up the active directory and other critical system files.
LVL 12

Accepted Solution

Housenet earned 100 total points
ID: 6233447
stavesacre as you probably know, no tools exist that will make this easy for you.. You can export & import users using ldifde, it does not do the password though.

-This article has a command line example to export users. I tried it, it works.
-Policies is a whole other issue. I dont know of a tool that can export the domain policy, or domain security policy to a different forest.. allows you to import & export to the same domain.. I dont think it would help you but you might as well be aware of its existance..
-You might have to go the long way, which is.. Look at a policy... Go to a catagory...right click ->export ... or note the settings in the policies on paper manually.

Expert Comment

ID: 8237066
Dear questionner/expert(s)

No comment has been added lately, so it's time to clean up this TA.
I'll leave a recommendation in the Cleanup topic area that this question is to be:

- Answered by: Housenet

Please leave any comments here within the next seven days.



Cleanup volunteer


Expert Comment

ID: 8280142
Finalized as proposed


Community Support Moderator
Experts Exchange

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Employees depend heavily on their PCs, and new threats like ransomware make it even more critical to protect their important data.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now