Solved

Best way to migrate an active directory 2000 child domain and recreate it with AD 2003 with same domain name

Posted on 2007-11-20
8
302 Views
Last Modified: 2010-03-17
I need to migrate our child domain out of an AD 2000 forest and make it the root of the new forest.  

Currently have a root forest with three child domains within it. I want to migrate our child domain out (230 user accounts) and build an AD 2003 network and keep the same domain name that our child domain currently has. I'm testing tools like NetIQ's Domain Migration Admin... Anyone else used this software? Its really difficult to find documentation on migrating a AD domain out of one forest and recreating it into its own.  

Any direction is greatly appreciated
0
Comment
Question by:andersenks
  • 3
  • 3
  • 2
8 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 500 total points
Comment Utility
> "build an AD 2003 network and keep the same domain name that our child domain currently has"

This is going to be nigh impossible if your goal is a graceful migration, as all of the migration tools (ADMT, the Quest/NetIQ/etc. tools) require a trust relationship between source and target domains, and you cannot configure a trust if the source and target domains have the same NetBIOS name.

Two choices:

[1]  Configure a third "swing" domain as a go-between, so that you would migrate from the old a.com to b.com, and then from b.com to the new a.com

[2]  Rename the 2003 domain after the migration has been completed, so migrate a.com to b.com, and then once the migration is 100% complete, rename b.com to a.com.
0
 

Author Comment

by:andersenks
Comment Utility
Thanks Laura.... any preference over ADMT and third party tools like NetIG?
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
Comment Utility
I like the Quest product set as a rule, but they're priced per seat and the cost can knock you off of your chair.  ADMT, for the price (free), is surprisingly high-functioning.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
Comment Utility
mmm i am a fan of ADMT - the only thing i found was a prick was the password migration....so i reset them all and just let users scream :) the rest was fantastic to use actually
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:andersenks
Comment Utility
Suppose I choose this route...

[2]  Rename the 2003 domain after the migration has been completed, so migrate a.com to b.com, and then once the migration is 100% complete, rename b.com to a.com.

Would I have to add all the servers and work station to the new domain before renaming it or can I rename it first then add the devices to the newly renamed domain? I'm guessing that I will need to add all workstation and PC's first then rename the domain.
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
Comment Utility
Your guess is correct.  In order to migrate the workstations gracefully, both source and target domain need to be online and available at the same time, and you would need to decommission the source domain before you will be able to rename the target domain as you describe.
0
 

Author Comment

by:andersenks
Comment Utility
One more question.... What if I were to just demote the DC's on this Child domain and recreate the network from scratch. What I'm asking is, what are the benifets of doing a migration over just building it anew. It seems even with an AD migration you still have to go to each machine and re-add it to the newly created domain. With AD migration will users have the same desktop profile they used on the old domain? Will printers and shares still be there or will they need to be created?

I guess that was more than one question...

Cheers
0
 
LVL 48

Expert Comment

by:Jay_Jay70
Comment Utility
with the migration, they still get their profiles (if Roaming) thats about it....

I prefer a clean install where i can, but it depends how many users you have and how much time you have....the migration path can be a royal PITA...Most stuff ends up being recreated if you dont have roaming profiles
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Active directory upgrade to DFSR 4 27
Windows 2008 R2 _MSDSC Delegation 8 34
active directory 1 39
ACTIVE DIRECTORY 3 26
Learn about cloud computing and its benefits for small business owners.
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now