Solved

Single Forest rename

Posted on 2011-02-15
5
902 Views
Last Modified: 2012-05-11
Hi Experts,

We would like to rename our Forest due to conflicting issues in our network... current Forest FQN is ad.company.local we would like to rename this to ad.company.corp. currently we are migrating from 2003 DCs to 2008 DCs, once finished we'll be renaming the Forest before we migrate from Notes to Exchange 2010. Is there any best practices for this or any recommended way? i can find a lot of material on domain rename but not forest....

Can we create a new AD Forest create a 2 way trust and migrate objects with ADMT to the new Forest?
Or do we rename the forest root once we have upgraded all the servers to 2008? (is the rename even possible?) then join the machines using a netdom batch file or is there any more advanced tools?

There's about 400 machines to migrate and i'm cautious about users not being able to access resources with the sIDHistory attribute, once users have been migrated and the down time of machines.

Any advice is appreciated

Cheers

0
Comment
Question by:WeirdFishes
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 11

Expert Comment

by:kaskhedikar_tushar
ID: 34903845
Hello,

The domain rename process is complex, and it requires a great deal of care in planning and execution.it is not intended to make domain rename a routine operation. There are so many dependencies on domain.

This may help you.

http://technet.microsoft.com/en-us/library/cc781575%28WS.10%29.aspx

Regards,
Tushar Kaskhedikar
0
 
LVL 21

Accepted Solution

by:
snusgubben earned 500 total points
ID: 34905033
i can find a lot of material on domain rename but not forest....

You don't rename the forest, but the doman. A forest can consist of multiple domans that you can rename, or a single domain forest.

It looks like you don't have Exchange at the moment, but Notes. I can't tell you how Notes will deal with a domain rename.

The safest and most controlled approch is migrating.

Btw. you can't rename a domain with Exchange 2010!
0
 
LVL 11

Expert Comment

by:Tasmant
ID: 34905996
you could deal with forest trust and ADMT to migrate from the old to new one forest.
but, maybe a most simple solution, could you maybe explain us what the issues you encouter with your current forest name, and why it's so important to change the name?
because maybe we could find a quickest solution ...
0
 
LVL 1

Author Comment

by:WeirdFishes
ID: 34912278
the issue is that we want to integrate macs with AD and bonjour's equivalent to a Windows workgroup is .local which is the FQN of our domain "ad.company.local" Apple has fixed this issue after OS X v10.4 but many apps for macs still conflict on many levels as it treats the .local from the domain FQN as the local machine.

I'm aware that you rename domains, and restructure domain in a forest but documentation don't mentioned if if you can rename the last "DC=local" parameter to "DC=corp" documentation says you can rename "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Business,DC=local" but what i want is "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Company,DC=.corp" is it possible?

So seems like a migration is a better approach, just confirming a 2 way forest trust enable users to access resources on both forests?...
does anyone know of a reliable tool to migrate machines for minimum downtime?
we are willing to purchase something if it's good or will a "netdom join" batch file do the trick and run it remotely with psexec? I have only used "netdom join" to join a domain. Can you use netdom to join a machine to a new domain even if it's already in a domain? Sorry for all the questions

Cheers

Can
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 34913853
what i want is "DC=AD,DC=Company,DC=local" to "DC=AD,DC=Company,DC=.corp" is it possible?

Yes indeed.

If you're going to migrate, you should read the ADMT Guide:

http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=6d710919-1ba5-41ca-b2f3-c11bcb4857af

and get the tool itself:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=20C0DB45-DB16-4D10-99F2-539B7277CCDB

You don't use "netdom" to join the computers, ADMT will handle this. You migrate the computers to the destination domain, restart the computer and it's a member of the new domain.




0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Your data is at risk. Probably more today that at any other time in history. There are simply more people with more access to the Web with bad intentions.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question