• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 342
  • Last Modified:

Windows Server 2003 to 2008 Trust

Hi All,

Just a quick sanity check / brain storm.

I have taken over the care of a network with the plan of scrapping their old nasty exchange infrastructure.

192.168.0.x/24 = HQ (companyuk.local)
192.168.1.x/24 = NEW COLO (additional site to companyuk.local)
x.x.x.x = OLD COLO (Public address only) - Completely separate site AD (company.co.uk)

The old colo contains an Exchange 2003 server, New colo contains an Exchange 2010 server which we will be migrating accounts to.

I want to set up a trust between the two for migration purposes.

Since company.co.uk (the actual domain name, not the AD domain name on the exchange 2003 box) is also used for a website and various portal/crm which are located on another box and used internally, what problems am I going to face by creating a trust?

Can I create the trust without having the zone file for company.co.uk ?

What issues am I likely to face?

Thanks.
0
Whiterat
Asked:
Whiterat
  • 4
  • 4
1 Solution
 
KenMcFCommented:
What is the AD FQDN of the old forest?
You said it has "company.co.uk" as the email doamin but not AD.
Also not sure what you mean by "Public addresses only", Do these servers have public IP addresses and are live on the internet? Is there a VPN tunnel or other connection between the two domains?


To setup the trust and provide DNS resolution I would create conditional forwarders in each Domain to point to the other.


http://support.microsoft.com/kb/304491 
0
 
WhiteratAuthor Commented:
Hi KenMcF,

The AD FQDN is unfortunately company.co.uk .
It is a public facing server with an access list allowing everything between the 2.

Thanks.
0
 
KenMcFCommented:
Then as long as the DNS server for "company.co.uk" has all the correct records and there is no NAT between the two domains you can create conditional forwarders on each and should be good if I understand your topology correct.  
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
WhiteratAuthor Commented:
There is NAT running on the new domain...
0
 
KenMcFCommented:
It is not supported to do a trust with NAT. Take a look at this thread and the links provided.

http://social.technet.microsoft.com/forums/en-US/winserverDS/thread/9dffd77b-6991-48bb-9ddf-6f6d605be594
0
 
WhiteratAuthor Commented:
:(

In which case can you think of a good way to perform the migration besides ExMerge ?
0
 
KenMcFCommented:
it is possible to get the trust to work, I personally have never tried it. You would have to do a lot of DNS configuration and work on the firewalls.

But exmerge would probably be the easiest.

0
 
WhiteratAuthor Commented:
Ran out of time to test anything special, just ended up using exmerge
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now