Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Changing Active Directory Domains

Posted on 2013-10-30
3
Medium Priority
?
236 Views
Last Modified: 2013-11-06
Hoping someone can help with a Domain change.  I'm overwhelmed and can't think clearly.

I need to merge (sort of) two separate domains.

Domain 1 is:
     - using SBS (which I want to do away with)
     - with the domain name of citylan
     - with the scope of 172.16.3.XXX
     
Domain 2 is
     - using server 2003
     - with the domain name of annexlan
     - with the scope of 192.168.1.XXX

I want to end up with (I think):
    - Forest of citylan
    - Sites for chlan (changing everyone currently on citylan to this one) and annexlan
    - Everyone using 192.168.1.XXX except for a few computers that need to remain on     172.16.3.XXX


Everyone can use the same gateway except for a few computers.  I currently have two routers/firewalls on each network and there is fiber running between each site.
Just need sites to be able to share resources yet be restricted from full access to other sites computers.

Losing connectivity has to be minimal as this is a 24/7 operation.

I'm not sure if I need to get a third server and build it this way and manually enter each user (ugh) or raise a domain level and merge the other....

Any help is super appreciated!
0
Comment
Question by:carolinasgirl28
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 47

Accepted Solution

by:
Craig Beck earned 2000 total points
ID: 39612033
Bit messy, but you'd have to perform a migration to a new domain from the SBS box - at the very least.  This would require a new/temporary server.

I would create a new domain, then migrate the users/data from the SBS domain and the annexlan domain to the new domain.  You can do this easily using domain trusts.

I'd treat the site connectivity restrictions as a separate issue.  This is what a firewall is for - not domain security (this is an additional layer).
0
 

Author Comment

by:carolinasgirl28
ID: 39622599
How would you handle the two computers that need to stay on the 172 domain?
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 39622666
Exactly the same.

Unless you've got DCs in separate sites, on separate IP ranges, you don't need to worry about this from an AD perspective.  This isn't really an issue with clients.
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question