Solved

Sub-Domain Concept & 1000 Points

Posted on 2003-11-26
9
360 Views
Last Modified: 2011-04-14
Hi Pros...
We have a forest and a single Child/Sub-Domain (worldwide) or lets say a single domain, At the moment we have a single forest e.g forest.com the root is empty,
but the child/sub-domain is where everybody is in (Single domain) e.g child/sub-domain.forest.com and the whole DCs are all in the child/sub-domain.forest.com as a single  domain...
now, i have to write a concept and plan, implenment how we can be able to move away from the sub-domain.... to our own sub-domain...any ideas???..

Thanks guys..;o)


0
Comment
Question by:agbor1960
  • 5
  • 4
9 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 9824423
Do you mean you want to create a new domain within the same forest? or are you creating a new forest seperate from the existing one?

If you want to create a new domain within the existing forest, newdomain.forest.com.  You have to promote a server using dcpromo and create a new domain within the existing forest.  If you do not have another server available, you could run dcpromo on an existing domain controller (if you have multiple DC's) and demote it to a member server, then run dcpromo again and use that server as the DC for the new domain.  Just make sure that if you do that the DC you choose to demote doesn't hold any of the operation master roles for the domain.

There are also tools to migrate users and computers from one domain to another, like ADMT (Active Directory Migration Tool)

Is this something that could be accomplished using OU's instead of creating a new domain?

Or, if you are talking about something completely different then please explain further :)
0
 

Author Comment

by:agbor1960
ID: 9824492
We are a forest with a single Child/Sub-Domain for North America Europe and Asia Pacific all of us in a single domain with everyone having his DCs lets say 3 OUs and now the European
OU will have to be made a Sub-Domain of the exsiting forest (single domain...)

Forest.com

Child/Sub-Domain ( All the DCs or OUs NA EU & AP in this single child/sub-domain)

Thanks, plzz ask anything you want to know ...Cheers
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 9824781
Then you need to promote a server to a Domain Controller and when you run dcpromo, select the option to create a new domain in the existing forest.  Once the domain is created, you can use a tool like ADMT to move the existing users from the European OU into the new European domain.  Are you adding the second domain for security reasons and could it be achieved by using group policy instead?
0
 

Author Comment

by:agbor1960
ID: 9824824
No, we are adding the Sub-Domains because of expansion reason (Aquisation etc) actually i have to write a concept....but i will have to read about the ADMT...so if i do it how you wrote it.....
everything should be ok..no data loss and and and and.....how about the UNC can i be able to keep the same name like the old???
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:agbor1960
ID: 9824853
I meant Acquisition... growth..
0
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 500 total points
ID: 9825218
Well the objects you move into the European domain will have a UNC of object.eu.forest.com instead of object.existingdomainname.forest.com.

Once you move the users into the EU domain, they will login to the EU domain as opposed to the existing.  There will be no data loss as you are only moving the AD objects.

Below is a link for deployment guides when using ADMT to migrate users and also step by step instructions on how to create a new domain within an existing forest.  You will want to migrate their SID History when using ADMT if you want them to still have access to resources in the other domain.  Read the articles and deployment guides for exact details on what you need to do but this should get you started...

You have Windows 2000 right, or 2003?

http://www.microsoft.com/windows2000/techinfo/planning/activedirectory/admt.asp

http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q238/3/69.ASP&NoWebContent=1

http://www.microsoft.com/windows2000/technologies/directory/ad/default.asp

0
 

Author Comment

by:agbor1960
ID: 9825405
We have 2000....Well Mr. JFrederick29 THX a lot i will post a very simple question for you to pick up the remaining 500 points, a'ight...
I have read the ADMT from what i read it's pretty much what am looking for i think, and the links too are very helpful... thanks again...

Cheers for now...

Agbor1960
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 9825421
You're welcome and good luck on your project!
0
 

Author Comment

by:agbor1960
ID: 9825437
THX, Cheers
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

What is IRC? IRC (Internet Relay Chat) is a form of communication between multiple users. It is available freely to anyone with inernet access. IRC is a great way to communicate with others e.g. There is an IRC channel for Ubuntu Linux, which is fo…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now