Solved

Domain Migration/Change

Posted on 2007-11-20
7
742 Views
Last Modified: 2012-06-21
In my ongoing quest to correct the mistakes of the ghosts of IT past, I will soon be changing our internal domain - new server, new domain.  Previous admin(s), not thinking things through, chose to name our internal, NAT'd domain the same as our hosted, external (internet) domain.  This has caused no end of problems, particularly with the Exchange server, which someone, as some point, decided to "upgrade" to the 2000 version from the 2003 version, seriously breaking the whole mess.  As if it wasn't already hosed.

Anyway, since this particular operation is a new venture, I figured I'd get some tips and give away a few points.  So, here's what I need to know:

On a Windows 2000 domain, moving to a Windows 2003 domain with a new name...

1 - Is there any way to move the users, and their respective systems, to the domain without going machine to machine, joining them to the domain, copying all their stuff in Doc's n Settings, etc...?  Like some sys admin program or script that sucks them all onto the new domain, complete with all their personal stuff?

2 - Is there a way to migrate their accounts from the old domain to the new one, including permissions and settings?

It shouldn't make a difference, but the old domain does not use roaming profiles, and the new one will.
0
Comment
Question by:knoxzoo
7 Comments
 
LVL 10

Accepted Solution

by:
victornegri earned 250 total points
ID: 20321867
0
 
LVL 22

Assisted Solution

by:cj_1969
cj_1969 earned 200 total points
ID: 20322125
This might save you some work ...
Why not integrate the 2 and have a mixed domain ... this will get all your account information over.
Then you can remove the 2000 DCs and upgrade to a pure 2003 domain.
Once upgraded you can then rename the domain to the new one that you want.

Take a look at these links and see if this seems like a viable option for you ....
http://technet.microsoft.com/en-us/windowsserver/bb405948.aspx
http://www.msexchange.org/tutorials/Domain-Rename.html

P.S.  Make sure you plan well for those roaming profiles ... if not impimented well, they can kill your network performance during logon/off.
0
 
LVL 11

Author Comment

by:knoxzoo
ID: 20322838
Oops!  I knew I was forgetting to mention something.  Current plans are for the Exchange server to go the way of the dodo bird.  It may make a return at some point in the future, but we're already using a hosted e-mail server and Google calendar, so adding Exchange back into the mix seems a bit pointless.

Thanks for the comments, folks.  The browser windows are open and waiting for me to finish typing this.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 48

Assisted Solution

by:Jay_Jay70
Jay_Jay70 earned 50 total points
ID: 20323896
unfortunalely nothing is going to join those machines to your domain except yourself :)

ADMT is the best for a simple migration of user accounts and groups....You are going to need the new domain up and running with a trust between the two

My advice, try and keep everything as new as possible so its nice and clean
0
 
LVL 11

Author Closing Comment

by:knoxzoo
ID: 31410170
Good links and good advice.  The advice was pretty much common sense and what I'd planned, but it was good anyway.   Thanks, folks.
0
 
LVL 11

Author Comment

by:knoxzoo
ID: 20324401
Appreciate the help and comments folks.  

I've upgraded countless domains and networks, but, for whatever reason, the notion of using the same tools and techniques to transfer things between different domains didn't even occur to me.  Too close to the problem, I guess.

Come to think of it, that's how I got some of the points I have - people being too close to the problem.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20324414
**grin** welcome to my world
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now