?
Solved

Migrate Away from Single Label Domain Name

Posted on 2009-12-30
11
Medium Priority
?
1,168 Views
Last Modified: 2012-05-08
Walked in to a bit of a disaster at a new place of work. They have a single label domain name. It is basically ABCNET Running 2003 DC's and Exchange 2003.

Although I see that upgrading to 2008 R2 is supported for SLD's, it is certainly not recommended. Exchange 2010 support for it is also not decided yet. I'm not sure about OCS R2.

If you can, please give me a high level overview of what it would take to migrate to a new domain. I would setup a new subnet, new domain and create a two-way trust between the two. Now what?
0
Comment
Question by:vegas588
  • 4
  • 3
  • 2
  • +1
11 Comments
 
LVL 19

Accepted Solution

by:
PeteJThomas earned 500 total points
ID: 26153411
Have you ever heard of the ADMT? It is a migration tool (Active Directory Migration Tool) created specifically for migrating all your objects in one domain to another, whilst allowing for continuity for the duration of the migration period.

Have a look at this: http://www.petri.co.il/active_directory_migration_tool_usage_w2k_windows_2003.htm

I know it says it's for a 2000 - 2003 migration, but that doesn't matter. Have a read through, and see what you think.

Cheers,

Pete

0
 
LVL 19

Expert Comment

by:PeteJThomas
ID: 26153427
Oh and I didn't say so in the previous post, but once the migration is complete using the tool, I would wait for a while to ensure that absolutely everything is working in the new domain, then break the trust, ensure there are no follow up problems from doing that, and finally, demote the DC(s) in the old domain to delete the domain completely.

Then you can do whatever you want with the old DC(s), promote them in the new domain, use them as coasters, whatever you like! :)

Pete
0
 

Author Comment

by:vegas588
ID: 26154172
Thanks for the info. It seems that we may actually try a domain rename procedure instead.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
LVL 65

Expert Comment

by:Mestha
ID: 26154227
Renaming the domain is not something I would suggest with Exchange involved. I have never seen it work successfully. There is only one recommendation I would make here and that is a completely new domain.

If a single name domain has been used, then it would make me wonder what else has been done that is against best practises.

Simon.
0
 

Author Comment

by:vegas588
ID: 26154929
Good Points. Based on the documentation, domain renames are supported with Exchange 2003. I'm not happy with the situation, but that's what it is. I would prefer to go with a new domain too. I think I still need to convince them.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 26155521
While it is supported, you will find 100s of posts on the Internet where it has gone wrong. If it was a straight forward thing then it would be done more often.

If you do decide to do it, then ensure that you have good backups, because it makes a mess.

Simon.
0
 
LVL 21

Assisted Solution

by:snusgubben
snusgubben earned 500 total points
ID: 26161239
Migrating is causing extra HW, so it depends on your budged. Note that this is the safe way to do it as you can always fall back.

A domain rename do not require any additional HW, but if the rename goes wrong, then your budget will most likly rise to the sky. You cannot stop the rename process once started, so if it goes wrong a restore of your forest is the way to get you back.


> Mestha:  I have never seen it work successfully

If your ever in Norway I'll show you a domain with a Exchange farm successfully renamed :)
0
 

Author Comment

by:vegas588
ID: 26161397
I talked with the guys about it and so far it seems that they are on board with a creating a new forest and domain. The best part is they already have the new hardware! But now I have to convince the boss. I agree that a domain rename should work, but I feel like it could lead to a disaster. Safer bet is to migrate to a new domain in which we will use 2008 R2.
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 26161498
Just be sure not to call your new domain something like "domain.int". Then you run into problems with your SSL certificate. I think Mestha has written a blog entry about domain naming(?)
0
 

Author Comment

by:vegas588
ID: 26162402
Ok. I think we will use a .local domain name.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 26163257
I wrote a blog about the names used in an SSL certificate.
The key thing with domain naming is to either use a domain that you own (which can be .com or whatever) or a domain that hasn't been issued - .local for example.
Don't use a public domain that you don't own. That will cause problems.

Simon.
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month4 days, 15 hours left to enroll

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question