Solved

Domain Controller/Domain name Change, Exchange email boxes permissions

Posted on 2014-02-04
8
373 Views
Last Modified: 2014-02-07
Hello,

I have a need to change the internal domain name to something else.   It was built off a very long unrelated name to the business and since I am doing a upgrade to the AD I thought I would address this...  Yes I believe it would be much easier to keep the original name but I have too much time on my hands plus I'm curious on how to do something like this.  

My current environment;
Windows Server 2003 R2 - DC1 & DC2 (as a backup) Named "OldName.local"
Windows Exchange 2003 on DC1

My upcoming environment;
Windows Server 2008 R2 - DC1 & DC2 "Named "NewName.local"

So Far I have successfully built the "NewName.local" domain name environment with its own DNS and DHCP & successfully created a Trust between these domains.  I can see from both DC's each own AD groups and user accounts.  My PC's recognize both DC's with related user accounts however I'm not sure how to allow my "OldName.local" exchange server's mailboxes access to my "NewName.local" domain and I'm curious to see if anyone has a solution on how to move my existing exchange server 2003 (I will eventually upgrade to Exchange 2010 but not now) to the new Domain so that the user accounts on the new Domain will receive and send on their "NewName.local\user" logins?
0
Comment
Question by:jo80ge121
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 5

Expert Comment

by:Paul Wagner
ID: 39834457
VERY IMPORTANT - IF YOU HAVE SHAREPOINT, don't change the domain name without reading this:

http://mohammadwardat.wordpress.com/2012/07/15/changing-domain-name-for-sharepoint-2010-server-farm/

http://blogs.technet.com/b/sushrao/archive/2011/12/02/sharepoint-migrating-sharepoint-server-from-one-domain-to-another.aspx

... I'm just now reading that you built a new domain already, separate from the old one.
You can use the ADMT free from Microsoft, but Exchange could be tricky if you have "special" stuff set up. I would recommend changing the domain name first and then just do an upgrade to server 08. (Hopefully you're on VM's) It will bypass the build you already did but it runs smoother IMHO.
0
 

Author Comment

by:jo80ge121
ID: 39834560
Thanks.  I will try the ADMT on a test environment I have and let you know.  What do you mean by "special" stuff setup in the exchange -  can you give me one example please?
0
 
LVL 5

Expert Comment

by:Paul Wagner
ID: 39834575
Sure... I kind of say "special" light-heartedly but I mean to say:

-Lots of shared calendars with overlapping permissions (including people on the outside allowed to see/work on them)

-Depending on number of users and how long it takes, you might need co-existence for a short time

-Do you have third party apps on the exchange server? (i.e.- GFI,Exclaimer, etc.)

-A lot of forests in your AD

I definitely don't want to scare you from it, but Exchange can be a beast.
If you've got the bucks, you can also take a look at Dell's Quest software. Expensive, but solid. (You'll have to hire a certified Quest guy, though. They don't sell to just anyone)
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:jo80ge121
ID: 39834580
thanks for the clarification.  Not that many special setups like that, all manageable and I do have GFI but that is just a Online spam filter.

So going back to your initial response, " I would recommend changing the domain name first and then just do an upgrade to server 08" Can you clarify this a little on this?
0
 
LVL 5

Expert Comment

by:Paul Wagner
ID: 39834594
Sure... Change from old.local to new.local first and then upgrade to server 2008, or 2012. Essentially, I would want to make sure the new domain is operating properly, rather than trying to make the new domain work in a new OS... more than one thing to manage. Once you're solid, then do the upgrade.

Here are some good links that I've used in previous projects (ya, I kind of have an archive):

http://technet.microsoft.com/en-us/library/cc816848(v=ws.10).aspx

http://www.microsoft.com/en-us/download/details.aspx?id=4132

http://social.technet.microsoft.com/Forums/windowsserver/en-US/9b99a789-f094-4e5a-ae55-e599c7ba3694/active-directory-domains-rename-tools?forum=winservergen


Not directly for 2003 but great info:

http://social.technet.microsoft.com/wiki/contents/articles/1347.renaming-a-windows-server-2008-active-directory-domain-dsforum2wiki.aspx
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 39835198
For migrating Active Directory objects from one domain to another ADMT is what you need (no other way). For Exchange you can use the built-in migration wizard to move mailboxes to another Exchange server in another forest. You could also use Exmerge as well to accomplish what you are doing.

There should be no need for Dell Quest software, it is just over priced and free tools are available.

Exchange Migration Wizard / Exmerge Steps

Will.
0
 

Author Comment

by:jo80ge121
ID: 39841628
very nice thank you.   I'm trying it this weekend on my test environment.
0
 

Author Comment

by:jo80ge121
ID: 39843770
The exmerge will work just fine.  Thank you.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question