Solved

Windows Server 2003 to 2008 Trust

Posted on 2010-11-12
8
305 Views
Last Modified: 2012-05-10
Hi All,

Just a quick sanity check / brain storm.

I have taken over the care of a network with the plan of scrapping their old nasty exchange infrastructure.

192.168.0.x/24 = HQ (companyuk.local)
192.168.1.x/24 = NEW COLO (additional site to companyuk.local)
x.x.x.x = OLD COLO (Public address only) - Completely separate site AD (company.co.uk)

The old colo contains an Exchange 2003 server, New colo contains an Exchange 2010 server which we will be migrating accounts to.

I want to set up a trust between the two for migration purposes.

Since company.co.uk (the actual domain name, not the AD domain name on the exchange 2003 box) is also used for a website and various portal/crm which are located on another box and used internally, what problems am I going to face by creating a trust?

Can I create the trust without having the zone file for company.co.uk ?

What issues am I likely to face?

Thanks.
0
Comment
Question by:Whiterat
  • 4
  • 4
8 Comments
 
LVL 27

Expert Comment

by:KenMcF
ID: 34120591
What is the AD FQDN of the old forest?
You said it has "company.co.uk" as the email doamin but not AD.
Also not sure what you mean by "Public addresses only", Do these servers have public IP addresses and are live on the internet? Is there a VPN tunnel or other connection between the two domains?


To setup the trust and provide DNS resolution I would create conditional forwarders in each Domain to point to the other.


http://support.microsoft.com/kb/304491 
0
 
LVL 4

Author Comment

by:Whiterat
ID: 34120676
Hi KenMcF,

The AD FQDN is unfortunately company.co.uk .
It is a public facing server with an access list allowing everything between the 2.

Thanks.
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34120720
Then as long as the DNS server for "company.co.uk" has all the correct records and there is no NAT between the two domains you can create conditional forwarders on each and should be good if I understand your topology correct.  
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 4

Author Comment

by:Whiterat
ID: 34120843
There is NAT running on the new domain...
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34120918
It is not supported to do a trust with NAT. Take a look at this thread and the links provided.

http://social.technet.microsoft.com/forums/en-US/winserverDS/thread/9dffd77b-6991-48bb-9ddf-6f6d605be594
0
 
LVL 4

Author Comment

by:Whiterat
ID: 34120965
:(

In which case can you think of a good way to perform the migration besides ExMerge ?
0
 
LVL 27

Accepted Solution

by:
KenMcF earned 500 total points
ID: 34121093
it is possible to get the trust to work, I personally have never tried it. You would have to do a lot of DNS configuration and work on the firewalls.

But exmerge would probably be the easiest.

0
 
LVL 4

Author Closing Comment

by:Whiterat
ID: 34299093
Ran out of time to test anything special, just ended up using exmerge
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EXCHANGE 2010 - DATABASE CORRUPTION 11 41
Creating DAG on Exchange 2016 4 13
Power shell 4 25
Advanced Auditing issue 3 20
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question