Solved

Need to remove un-necesary lower level AD Child Domain as part of new server install/migration.

Posted on 2008-06-12
5
258 Views
Last Modified: 2010-03-05
We have a W2003 AD Domain "city.local" and a child domain of "library.city.local"
The Domain controller for "Library.city.local" is a W2000 AD system - that is being replaced with a W2003R2 system.
The parent Domain is W2003.
It has been decided that the child domain is not required.
We want to find the best method to eliminate the child domain - to minimize the effect on several PC systems
and a Terminal Server that uses a GPO lockdown. A new terminal server will also be introduced.
Wish to transfer as many objects (Computer accounts, users, policies) as possible trying to minimize effort.
There are several PC's that use a hardware lockdown system and GPO lockdowns.
We can do it the hard way - move PC's to workgroup, export AD accounts,etc but looking for time saving steps.
0
Comment
Question by:BobPrinceExpert
5 Comments
 
LVL 13

Expert Comment

by:martin_babarik
ID: 21772981
Hi, I'd say this article is the info you are looking for:
http://support.microsoft.com/kb/326480/en
Let me know if there is something you want to be explained further.
Regards

Martin
0
 
LVL 7

Accepted Solution

by:
ManicD earned 500 total points
ID: 21777574
you may also want to lookup information about "movetree" to move AD objects between domains.

This seems like a several step process, first upgrade to 2003, second move the objects across, demote Domain controllers for the child domain, then promote them to the parent domain(if required)
0
 
LVL 1

Author Comment

by:BobPrinceExpert
ID: 21793389
We will look in to "movetree" as that sounds like it fit's in to what we plan to do.
Basically since we are installing new servers - we will set them up in the parent domain.
THen sounds like we can use "movetree" to move over objects that we still need.
In some cases - we have some generic users - so probably recreate them - but move over GPO's,etc.
Thanks for the tip.
Bob
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Resolve DNS query failed errors for Exchange
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question