Solved

How do I transfer AD settings from one hosted environment to another hosted environment?

Posted on 2011-09-14
10
204 Views
Last Modified: 2012-06-21
We currently have a domain set up with a hosted provider, in a virtualized environment.  There are about 100 users, 10 groups, 3 OUs, and 2 GPOs configured within AD.  This is a Server 2008 domain, all virtualized using Hyper-V.  We are currently looking to switch hosted providers.  What would be the best practice or procedure for migrating / transferring the AD / Domain settings?
We are going to name the domain / servers at the new location with the same name structure as they are currently configured.
I have tried the AD Migration Tool, but it appears that both domains need to be accessible to perform the task.

Thank you for your help.
0
Comment
Question by:jazzcatone
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 13

Expert Comment

by:Govvy
ID: 36536118
You could use csvde to export the objects and import them to the new location. GPMC allows you to perform a backup of the Group Policy files for restore
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 250 total points
ID: 36536127
Will the hosting company will not allow you to have the VHD from your current servers?

If not then you are in a pickle since you need direct access to use the ADMT tool
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 36536478
If you can setup a VPN between the providers, or between you and the providers, you could them just add a domain controller in the normal way. I agree that you should be able to get the VHD or a backup of your VM.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:jazzcatone
ID: 36538189
@dariusq - I am not sure that we will be able to get our VHD, in that we are renting the OS's as well as we do not have access to the Hyper-V host to access the VHD file.
0
 

Author Comment

by:jazzcatone
ID: 36538192
@Govvy - I am setting up a test environment and going to try the csvde command.
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 36538234
I feel that the best bet is to be able to setup another DC over the VPN because then you can make that DC part of the SAME domain, and all passwords, SIDS, group policies, computer accounts, etc. will be preserved.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36540137
That is going to the best option is too export but this will just bring user information over so you can create the users again.

I would speak to your hosting company they could have other options
0
 

Author Comment

by:jazzcatone
ID: 36542865
@kevinhsieh - I am currently working with the hosting company to see if we can get a VPN connection configured.  If so, I will be able to configure my server as a BDC with all settings.  If this is not possible, I will need to export using csvde, and having users reset their passwords on next login.

@dariusq - I don't know if the hosting company will help, in that they may get the sense that we are looking to move our operations, but it won't hurt for me to ask.

I will up date the post as soon as I have more information.

Thanks,
0
 

Author Comment

by:jazzcatone
ID: 36566838
I am working with our hosting company.  We will be getting a VHD in the next few days.
I will keep everyone updated on the status.

Thanks,
0
 

Author Closing Comment

by:jazzcatone
ID: 36968338
I still have not completed the task, but the logic seems to be effective and should work.
Thank you for the help.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question