Solved

Internal Domain Rename

Posted on 2013-11-20
Last Modified: 2015-06-22
I have a two site single SBS domain network I want to break into two separate networks. Here is a brief description of the current setup.

Site A (Primary Site)
SBS2003 (FSMO holder, GC)

Site B
Win2k3 Srv
AD, DNS, DHCP, GC

Connected by site-to-site VPN

My goal is to get both sites operating independently and remove the VPN. I'm already aware of all the licensing I need to achieve this. I'm looking for some advice on the separation. Here is my initial plan.

Site A
Perform swing migration from SBS 2003 to Win 2012 R2.

Site B
This is where I'm unsure on how to proceed. Can I run a swing to 2012 R2 then use the domain rename tool to rename my internal domain at site B to something more appropriate to the organization and different than site A? Or does that even matter? I do have several users that work primarily at Site A but occasionally travel to Site B to work. What ramifications, if any, exist by just renaming the domain for these users?

Of course I can always start from scratch and build a new internal domain and migrate existing users to it but that is much more labor intensive and disruptive.

I look forward to the feedback. Thanks in advance.
Question by:mthsupport
6 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39662656
If you have Exchange or SQL in your environment I would not do internal domain name change as it could break several applications. Your best bet would be to create a new Forest in Site B and use the Active Directory Migration Tool to migrate the objects from Site B to the new Forest. From there you will have complete separation.

ADMT - http://www.microsoft.com/en-ca/download/details.aspx?id=8377

ADMT Guide - http://download.microsoft.com/download/a/9/4/a94c5f56-f7b5-4ec8-bcaa-1eadf84c4e3f/V3MigGuide.doc

I would not recommend doing the domain name change in a production environment. This is for test purposes only.

Will.
0
 
LVL 40

Expert Comment

by:footech
ID: 39663138
I think you would encounter problems if you split the two sites (whether you renamed one of them or not) when you have domain users and/or machines traveling and connecting between the sites.  Domain SIDs are not going to be changed by a rename.

You're going to have to set up a new domain in a new forest.  Migrating objects would help to reduce disruptions.
0
 

Author Comment

by:mthsupport
ID: 39689878
Okay. Thanks for the feedback. A new domain it is.

I've never used ADMT before so I'm not sure if it is even worth it with a network of approximately 30 users. What advantages would using the ADMT provide me? It won't migrate passwords but will it migrate computer SID and user SID so at the workstations I won't have to create new profiles?
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 39689903
ADMT is used if you want to migrate Users/Groups or other AD Objects. This also allows for users in the new domain to be able to access files from the old domain as well. You will also have to re-create the profiles as they are in a new domain. If you only have 30 users then it might not be worth the effort.

Will.
0
 

Author Comment

by:mthsupport
ID: 39690052
Okay thanks Spec01.
0
 

Expert Comment

by:teggra
ID: 40842846
Hi all,

Short update 2 years later:

Current status 2015:
We also thought about renaming our domain or going ahead with a forest migration.
After discussion with Microsoft (ps calls) we identified Exchange and SharePoint
as a no-go for any renaming procedures - only forest migration is an option (or just leave it as it is ...).

regards,
A.
0

Question has a verified solution.
