Migrating from SBS 2008 to 2012 while recreating but not migrating AD

We are migrating from SBS 2008  to 2012 .We would like to keep everything but AD . Our AD tree has more debris than actual . We only have 35 users but hundreds of objects representing former employees and other objects which were added by former consultants and admins .
The idea seems to be to create a new AD and recreate the policies from scratch .Then in the end migrate the desktops to new Domain where there is no debris .
This is happening on the same physical network .
How do I this?
Can I do the following steps
Add the new server as a new Companyv2 domain controller with no computers added to it
Migrate all the other roles dns dhcp printers, data ,remote gateway services ..as is thensimply migrate desktops from old AD to new AD ?

Or am I asking for trouble because all these are linked ?
Alternatively is there a better way to migrate the existing AD and modify( clean it up on the new server )
I trying to avoid GIGO .
Thanks in advance
Andre PAsked:
Who is Participating?
 
bbaoIT ConsultantCommented:
you need to clean up your AD before moving on. i believe you would be interested in below TechNet article from Microsoft, which covers both concepts and tools.

https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

alternatively some third-party tools are also useful though they are not free such as AD Tidy.

http://www.cjwdev.co.uk/Software/ADTidy/Info.html
0
 
bbaoIT ConsultantCommented:
> Or am I asking for trouble because all these are linked

a kind of. basically because new AD will have a new SSID for EACH domain resource even it will share the SAME name and permissions, but existing resources and their permissions can't be recognised by the new AD. hence all resources need to be reconfigured one bye one. so it's no a simple re-do for the domain controllers only, actually the whole resources as well.
0
 
Andre PAuthor Commented:
So if I have an AD which is 80 percent garbage accumulated over years of turnover and failed system admins ,security policies that do not work well  . I am stuck with it for the sake of the 20% i want to keep ? There must be a tool that can migrate only the parts of AD (with SSID)
 I want to keep .
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Andre PAuthor Commented:
This puts an entire new level of complexity on the project as I will be looking for which needles in a haystack I want to keep .
This will add a tremendous time extension on this project .
It would have been easier to just recreate the users and groups manually on the new server than doing it the other way .
I was maybe hoping that I could then match then modify the ssids of the users i am keeping to the ones on the old server ,
Can I copy the existing AD onto the new server then clean it up there? I dont want to start deleting objects on the production server .
I was hoping to setup the new AD on the New Server ..  Migrate the roles I need  Test with a desktop for functionality . and be done .
0
 
bbaoIT ConsultantCommented:
i don't understand why running tools to clean up AD could increase project complexity tremendously.
0
 
Andre PAuthor Commented:
I tried the tool but how does it now remove unnecessary groups ?
0
 
bbaoIT ConsultantCommented:
> unnecessary groups?

do you mean user groups with no any user? or OUs with no any object?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.