• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 382
  • Last Modified:

Sub-Domain Concept & 1000 Points

Hi Pros...
We have a forest and a single Child/Sub-Domain (worldwide) or lets say a single domain, At the moment we have a single forest e.g forest.com the root is empty,
but the child/sub-domain is where everybody is in (Single domain) e.g child/sub-domain.forest.com and the whole DCs are all in the child/sub-domain.forest.com as a single  domain...
now, i have to write a concept and plan, implenment how we can be able to move away from the sub-domain.... to our own sub-domain...any ideas???..

Thanks guys..;o)


0
agbor1960
Asked:
agbor1960
  • 5
  • 4
1 Solution
 
JFrederick29Commented:
Do you mean you want to create a new domain within the same forest? or are you creating a new forest seperate from the existing one?

If you want to create a new domain within the existing forest, newdomain.forest.com.  You have to promote a server using dcpromo and create a new domain within the existing forest.  If you do not have another server available, you could run dcpromo on an existing domain controller (if you have multiple DC's) and demote it to a member server, then run dcpromo again and use that server as the DC for the new domain.  Just make sure that if you do that the DC you choose to demote doesn't hold any of the operation master roles for the domain.

There are also tools to migrate users and computers from one domain to another, like ADMT (Active Directory Migration Tool)

Is this something that could be accomplished using OU's instead of creating a new domain?

Or, if you are talking about something completely different then please explain further :)
0
 
agbor1960Author Commented:
We are a forest with a single Child/Sub-Domain for North America Europe and Asia Pacific all of us in a single domain with everyone having his DCs lets say 3 OUs and now the European
OU will have to be made a Sub-Domain of the exsiting forest (single domain...)

Forest.com

Child/Sub-Domain ( All the DCs or OUs NA EU & AP in this single child/sub-domain)

Thanks, plzz ask anything you want to know ...Cheers
0
 
JFrederick29Commented:
Then you need to promote a server to a Domain Controller and when you run dcpromo, select the option to create a new domain in the existing forest.  Once the domain is created, you can use a tool like ADMT to move the existing users from the European OU into the new European domain.  Are you adding the second domain for security reasons and could it be achieved by using group policy instead?
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
agbor1960Author Commented:
No, we are adding the Sub-Domains because of expansion reason (Aquisation etc) actually i have to write a concept....but i will have to read about the ADMT...so if i do it how you wrote it.....
everything should be ok..no data loss and and and and.....how about the UNC can i be able to keep the same name like the old???
0
 
agbor1960Author Commented:
I meant Acquisition... growth..
0
 
JFrederick29Commented:
Well the objects you move into the European domain will have a UNC of object.eu.forest.com instead of object.existingdomainname.forest.com.

Once you move the users into the EU domain, they will login to the EU domain as opposed to the existing.  There will be no data loss as you are only moving the AD objects.

Below is a link for deployment guides when using ADMT to migrate users and also step by step instructions on how to create a new domain within an existing forest.  You will want to migrate their SID History when using ADMT if you want them to still have access to resources in the other domain.  Read the articles and deployment guides for exact details on what you need to do but this should get you started...

You have Windows 2000 right, or 2003?

http://www.microsoft.com/windows2000/techinfo/planning/activedirectory/admt.asp

http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q238/3/69.ASP&NoWebContent=1

http://www.microsoft.com/windows2000/technologies/directory/ad/default.asp

0
 
agbor1960Author Commented:
We have 2000....Well Mr. JFrederick29 THX a lot i will post a very simple question for you to pick up the remaining 500 points, a'ight...
I have read the ADMT from what i read it's pretty much what am looking for i think, and the links too are very helpful... thanks again...

Cheers for now...

Agbor1960
0
 
JFrederick29Commented:
You're welcome and good luck on your project!
0
 
agbor1960Author Commented:
THX, Cheers
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now