Solved

Single Forest rename

Posted on 2011-02-15
5
896 Views
Last Modified: 2012-05-11
Hi Experts,

We would like to rename our Forest due to conflicting issues in our network... current Forest FQN is ad.company.local we would like to rename this to ad.company.corp. currently we are migrating from 2003 DCs to 2008 DCs, once finished we'll be renaming the Forest before we migrate from Notes to Exchange 2010. Is there any best practices for this or any recommended way? i can find a lot of material on domain rename but not forest....

Can we create a new AD Forest create a 2 way trust and migrate objects with ADMT to the new Forest?
Or do we rename the forest root once we have upgraded all the servers to 2008? (is the rename even possible?) then join the machines using a netdom batch file or is there any more advanced tools?

There's about 400 machines to migrate and i'm cautious about users not being able to access resources with the sIDHistory attribute, once users have been migrated and the down time of machines.

Any advice is appreciated

Cheers

0
Comment
Question by:WeirdFishes
5 Comments
 
LVL 11

Expert Comment

by:kaskhedikar_tushar
ID: 34903845
Hello,

The domain rename process is complex, and it requires a great deal of care in planning and execution.it is not intended to make domain rename a routine operation. There are so many dependencies on domain.

This may help you.

http://technet.microsoft.com/en-us/library/cc781575%28WS.10%29.aspx

Regards,
Tushar Kaskhedikar
0
 
LVL 21

Accepted Solution

by:
snusgubben earned 500 total points
ID: 34905033
i can find a lot of material on domain rename but not forest....

You don't rename the forest, but the doman. A forest can consist of multiple domans that you can rename, or a single domain forest.

It looks like you don't have Exchange at the moment, but Notes. I can't tell you how Notes will deal with a domain rename.

The safest and most controlled approch is migrating.

Btw. you can't rename a domain with Exchange 2010!
0
 
LVL 11

Expert Comment

by:Tasmant
ID: 34905996
you could deal with forest trust and ADMT to migrate from the old to new one forest.
but, maybe a most simple solution, could you maybe explain us what the issues you encouter with your current forest name, and why it's so important to change the name?
because maybe we could find a quickest solution ...
0
 
LVL 1

Author Comment

by:WeirdFishes
ID: 34912278
the issue is that we want to integrate macs with AD and bonjour's equivalent to a Windows workgroup is .local which is the FQN of our domain "ad.company.local" Apple has fixed this issue after OS X v10.4 but many apps for macs still conflict on many levels as it treats the .local from the domain FQN as the local machine.

I'm aware that you rename domains, and restructure domain in a forest but documentation don't mentioned if if you can rename the last "DC=local" parameter to "DC=corp" documentation says you can rename "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Business,DC=local" but what i want is "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Company,DC=.corp" is it possible?

So seems like a migration is a better approach, just confirming a 2 way forest trust enable users to access resources on both forests?...
does anyone know of a reliable tool to migrate machines for minimum downtime?
we are willing to purchase something if it's good or will a "netdom join" batch file do the trick and run it remotely with psexec? I have only used "netdom join" to join a domain. Can you use netdom to join a machine to a new domain even if it's already in a domain? Sorry for all the questions

Cheers

Can
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 34913853
what i want is "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Company,DC=.corp" is it possible?

Yes indeed.

If you're going to migrate, you should read the ADMT Guide:

http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=6d710919-1ba5-41ca-b2f3-c11bcb4857af

and get the tool itself:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=20C0DB45-DB16-4D10-99F2-539B7277CCDB

You don't use "netdom" to join the computers, ADMT will handle this. You migrate the computers to the destination domain, restart the computer and it's a member of the new domain.




0

Featured Post

Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

Join & Write a Comment

Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now