?
Solved

How do I transfer AD settings from one hosted environment to another hosted environment?

Posted on 2011-09-14
10
Medium Priority
?
232 Views
Last Modified: 2012-06-21
We currently have a domain set up with a hosted provider, in a virtualized environment.  There are about 100 users, 10 groups, 3 OUs, and 2 GPOs configured within AD.  This is a Server 2008 domain, all virtualized using Hyper-V.  We are currently looking to switch hosted providers.  What would be the best practice or procedure for migrating / transferring the AD / Domain settings?
We are going to name the domain / servers at the new location with the same name structure as they are currently configured.
I have tried the AD Migration Tool, but it appears that both domains need to be accessible to perform the task.

Thank you for your help.
0
Comment
Question by:jazzcatone
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 13

Expert Comment

by:Govvy
ID: 36536118
You could use csvde to export the objects and import them to the new location. GPMC allows you to perform a backup of the Group Policy files for restore
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 1000 total points
ID: 36536127
Will the hosting company will not allow you to have the VHD from your current servers?

If not then you are in a pickle since you need direct access to use the ADMT tool
0
 
LVL 43

Expert Comment

by:kevinhsieh
ID: 36536478
If you can setup a VPN between the providers, or between you and the providers, you could them just add a domain controller in the normal way. I agree that you should be able to get the VHD or a backup of your VM.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 

Author Comment

by:jazzcatone
ID: 36538189
@dariusq - I am not sure that we will be able to get our VHD, in that we are renting the OS's as well as we do not have access to the Hyper-V host to access the VHD file.
0
 

Author Comment

by:jazzcatone
ID: 36538192
@Govvy - I am setting up a test environment and going to try the csvde command.
0
 
LVL 43

Expert Comment

by:kevinhsieh
ID: 36538234
I feel that the best bet is to be able to setup another DC over the VPN because then you can make that DC part of the SAME domain, and all passwords, SIDS, group policies, computer accounts, etc. will be preserved.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36540137
That is going to the best option is too export but this will just bring user information over so you can create the users again.

I would speak to your hosting company they could have other options
0
 

Author Comment

by:jazzcatone
ID: 36542865
@kevinhsieh - I am currently working with the hosting company to see if we can get a VPN connection configured.  If so, I will be able to configure my server as a BDC with all settings.  If this is not possible, I will need to export using csvde, and having users reset their passwords on next login.

@dariusq - I don't know if the hosting company will help, in that they may get the sense that we are looking to move our operations, but it won't hurt for me to ask.

I will up date the post as soon as I have more information.

Thanks,
0
 

Author Comment

by:jazzcatone
ID: 36566838
I am working with our hosting company.  We will be getting a VHD in the next few days.
I will keep everyone updated on the status.

Thanks,
0
 

Author Closing Comment

by:jazzcatone
ID: 36968338
I still have not completed the task, but the logic seems to be effective and should work.
Thank you for the help.
0

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question