Solved

Single Forest rename

Posted on 2011-02-15
5
899 Views
Last Modified: 2012-05-11
Hi Experts,

We would like to rename our Forest due to conflicting issues in our network... current Forest FQN is ad.company.local we would like to rename this to ad.company.corp. currently we are migrating from 2003 DCs to 2008 DCs, once finished we'll be renaming the Forest before we migrate from Notes to Exchange 2010. Is there any best practices for this or any recommended way? i can find a lot of material on domain rename but not forest....

Can we create a new AD Forest create a 2 way trust and migrate objects with ADMT to the new Forest?
Or do we rename the forest root once we have upgraded all the servers to 2008? (is the rename even possible?) then join the machines using a netdom batch file or is there any more advanced tools?

There's about 400 machines to migrate and i'm cautious about users not being able to access resources with the sIDHistory attribute, once users have been migrated and the down time of machines.

Any advice is appreciated

Cheers

0
Comment
Question by:WeirdFishes
5 Comments
 
LVL 11

Expert Comment

by:kaskhedikar_tushar
ID: 34903845
Hello,

The domain rename process is complex, and it requires a great deal of care in planning and execution.it is not intended to make domain rename a routine operation. There are so many dependencies on domain.

This may help you.

http://technet.microsoft.com/en-us/library/cc781575%28WS.10%29.aspx

Regards,
Tushar Kaskhedikar
0
 
LVL 21

Accepted Solution

by:
snusgubben earned 500 total points
ID: 34905033
i can find a lot of material on domain rename but not forest....

You don't rename the forest, but the doman. A forest can consist of multiple domans that you can rename, or a single domain forest.

It looks like you don't have Exchange at the moment, but Notes. I can't tell you how Notes will deal with a domain rename.

The safest and most controlled approch is migrating.

Btw. you can't rename a domain with Exchange 2010!
0
 
LVL 11

Expert Comment

by:Tasmant
ID: 34905996
you could deal with forest trust and ADMT to migrate from the old to new one forest.
but, maybe a most simple solution, could you maybe explain us what the issues you encouter with your current forest name, and why it's so important to change the name?
because maybe we could find a quickest solution ...
0
 
LVL 1

Author Comment

by:WeirdFishes
ID: 34912278
the issue is that we want to integrate macs with AD and bonjour's equivalent to a Windows workgroup is .local which is the FQN of our domain "ad.company.local" Apple has fixed this issue after OS X v10.4 but many apps for macs still conflict on many levels as it treats the .local from the domain FQN as the local machine.

I'm aware that you rename domains, and restructure domain in a forest but documentation don't mentioned if if you can rename the last "DC=local" parameter to "DC=corp" documentation says you can rename "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Business,DC=local" but what i want is "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Company,DC=.corp" is it possible?

So seems like a migration is a better approach, just confirming a 2 way forest trust enable users to access resources on both forests?...
does anyone know of a reliable tool to migrate machines for minimum downtime?
we are willing to purchase something if it's good or will a "netdom join" batch file do the trick and run it remotely with psexec? I have only used "netdom join" to join a domain. Can you use netdom to join a machine to a new domain even if it's already in a domain? Sorry for all the questions

Cheers

Can
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 34913853
what i want is "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Company,DC=.corp" is it possible?

Yes indeed.

If you're going to migrate, you should read the ADMT Guide:

http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=6d710919-1ba5-41ca-b2f3-c11bcb4857af

and get the tool itself:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=20C0DB45-DB16-4D10-99F2-539B7277CCDB

You don't use "netdom" to join the computers, ADMT will handle this. You migrate the computers to the destination domain, restart the computer and it's a member of the new domain.




0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question