Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Underscore in domain name, sync issues & application access & migratie to Win2008 new domain

Posted on 2008-10-01
4
Medium Priority
?
471 Views
Last Modified: 2008-10-02
There is an underscore in our domain name (i.e. domain_dity.org) which I believe is causing sync issues in DNS and some application access.  Plus our IP scheme is 91.0.0.0 which is a pubic IP range that belongs to some other country and is causing weird stuff to show up in DNS.  There 2 local domain controllers, 6 remote domain controllers all Win2003 Enterprise, 1 Exchange server, SQL, Oracle and a buch of other sequal apps.  I've been given the ok to upgrade to Win2008 and Exchange 2007.  I'm thinking of migrating everything to a new forest and domain (i.e domaincity.org) and a new IP scheme of 172.16.1.0/16 to 172.22.1.0/16.  I'm having a hard time figuring out where to start.  I know that I have to create a trust between the old and the new forest but how do I set up the new IP scheme and DNS so that all the users can continue access the resources while I migrate 700+ users, workstations.  I was thinking of using ADMT and the Exchange Migration Wizard.  I'm probably taking on more that I can chew but can someone help me get started?
0
Comment
Question by:cwojcicki1099
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 22616184

That is quite a big project, but far from impossible.

You just need to break your plan down a bit into requirements:

1. IP Routing

In order to use both IP Ranges at the same time you need something to route between each. That device needs to be fairly capable, after all, it's going to have 700 users going through it while you shift services.

Shifting the IP range in one go, for an organisation of your size, is possible but likely to be more problematic than setting up routing.

Do you have something that can take care of routing between subnets for you?

2. Domain Trust

Once you have your routing up, establish your new domain on that range and configure a Trust with the old domain.

The default settings in MS DNS means it is happy working with underscores, you'll just get a warning about it.

To establish the trust you need to configure name resolution between domains. Conditional forwarders are ideal for this. That should be done on every DNS server used on each domain (even if the PDC Emulator is most important).

3. AD Migration

With the trust up and running a small amount of configuration will give you ADMT. I  highly recommend you disable SID filtering on the trust to allow migrated accounts access to systems using their own SID.

4. Exchange Migration

And finally :) The Exchange Migration Wizard should work well with accounts shifted using ADMT. If anything becomes a problem you, of course, still have ExMerge to fall back on.

Chris
0
 

Author Comment

by:cwojcicki1099
ID: 22625143
Is this the correct syntax to turn off SID filtering where the trusting domain is my old Windows 2003 that I'm migrating from and the trusted domain is the new Windows 2008 that I'm migrating to?

Netdom trust  TrustingDomainName /domain:TrustedDomainName /quarantine:No /userD:domainadministratorAcct /passwordD:domainadminpwd
0
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 500 total points
ID: 22625222

Yes, that's right :)

Chris
0
 

Author Comment

by:cwojcicki1099
ID: 22625923
Thank you so much.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question