Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 197
  • Last Modified:

Migrating from a w2k single domain to a w2k3 global domain

Hi Friends,

Situation is as follows: Have a single W2k Domain (mixed mode)with 1 Domain COntroller running exchange 2K (native mode).
Have 1 NT4 BDC running accounts app. Several other 2k and 2003 Servers - not DC's. About 100 - 40 remotes.

We have now been told we need to move from our single Domain and join a new GLobal Domain. We have a new server that we are going to install windows 2003 server on and join it to the existing global domain. We then need to migrate users across - using the ADMT tool?

Tentative Plan.

1. Install w2k3 on new server and join it to new domain as a DC
2. Install ADMT tool and create a trust between the domains - then migrate users and printers to new domain.
3. Join all servers and clients to the new domain and copy profiles across.

Questions :1. Has anyone had experience with this - is the above a feasable plan?
 2. What about exchange - can exchange be left on the old server or must it be reinstalled on the new Domain - we would rather not put in on the new DC if possible? How will the exchange migration work.
3. Old NT4 BDC - will there be issues getting this onto the new domain as a member server?
4. Are there tools to change the clients and remotes to the new domain as well as copy there profiles or must this be done manually?
5. Can users log on to both domains in the interim while the trust is in place and get access to the same resources etc?

Thanking you for your help.
1 Solution
1. Sounds good, excepting answer to Q2.
2. I think you will need to create a new Exchange server in the new domain, to ensure you get proper permissions and schema from the global domain. Don't put it on the new DC, that is bad. A non DC should host exchange
3. Most probably. :(  I may be wrong (and frequently am) but I don't think you can add NT4 DC's into a 2000 mixed domain, they are just permitted to stay there if previously configured.
4. I'll post my usual answers in another comment on migrating profiles, it is manual, though.
5. No, they can only log in to one, but they can use resources in the other if the trusts are properly configured.


Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now