Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 905
  • Last Modified:

Single Forest rename

Hi Experts,

We would like to rename our Forest due to conflicting issues in our network... current Forest FQN is ad.company.local we would like to rename this to ad.company.corp. currently we are migrating from 2003 DCs to 2008 DCs, once finished we'll be renaming the Forest before we migrate from Notes to Exchange 2010. Is there any best practices for this or any recommended way? i can find a lot of material on domain rename but not forest....

Can we create a new AD Forest create a 2 way trust and migrate objects with ADMT to the new Forest?
Or do we rename the forest root once we have upgraded all the servers to 2008? (is the rename even possible?) then join the machines using a netdom batch file or is there any more advanced tools?

There's about 400 machines to migrate and i'm cautious about users not being able to access resources with the sIDHistory attribute, once users have been migrated and the down time of machines.

Any advice is appreciated

Cheers

0
WeirdFishes
Asked:
WeirdFishes
1 Solution
 
kaskhedikar_tusharCommented:
Hello,

The domain rename process is complex, and it requires a great deal of care in planning and execution.it is not intended to make domain rename a routine operation. There are so many dependencies on domain.

This may help you.

http://technet.microsoft.com/en-us/library/cc781575%28WS.10%29.aspx

Regards,
Tushar Kaskhedikar
0
 
snusgubbenCommented:
i can find a lot of material on domain rename but not forest....

You don't rename the forest, but the doman. A forest can consist of multiple domans that you can rename, or a single domain forest.

It looks like you don't have Exchange at the moment, but Notes. I can't tell you how Notes will deal with a domain rename.

The safest and most controlled approch is migrating.

Btw. you can't rename a domain with Exchange 2010!
0
 
TasmantCommented:
you could deal with forest trust and ADMT to migrate from the old to new one forest.
but, maybe a most simple solution, could you maybe explain us what the issues you encouter with your current forest name, and why it's so important to change the name?
because maybe we could find a quickest solution ...
0
 
WeirdFishesAuthor Commented:
the issue is that we want to integrate macs with AD and bonjour's equivalent to a Windows workgroup is .local which is the FQN of our domain "ad.company.local" Apple has fixed this issue after OS X v10.4 but many apps for macs still conflict on many levels as it treats the .local from the domain FQN as the local machine.

I'm aware that you rename domains, and restructure domain in a forest but documentation don't mentioned if if you can rename the last "DC=local" parameter to "DC=corp" documentation says you can rename "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Business,DC=local" but what i want is "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Company,DC=.corp" is it possible?

So seems like a migration is a better approach, just confirming a 2 way forest trust enable users to access resources on both forests?...
does anyone know of a reliable tool to migrate machines for minimum downtime?
we are willing to purchase something if it's good or will a "netdom join" batch file do the trick and run it remotely with psexec? I have only used "netdom join" to join a domain. Can you use netdom to join a machine to a new domain even if it's already in a domain? Sorry for all the questions

Cheers

Can
0
 
snusgubbenCommented:
what i want is "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Company,DC=.corp" is it possible?

Yes indeed.

If you're going to migrate, you should read the ADMT Guide:

http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=6d710919-1ba5-41ca-b2f3-c11bcb4857af

and get the tool itself:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=20C0DB45-DB16-4D10-99F2-539B7277CCDB

You don't use "netdom" to join the computers, ADMT will handle this. You migrate the computers to the destination domain, restart the computer and it's a member of the new domain.




0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now