Re: Changing Windows Domain
- From: "Geoff N. Hiten" <sqlcraftsman@xxxxxxxxx>
- Date: Tue, 9 Aug 2005 13:29:04 -0400
There are two major considerations involved in changing domains. First is
the security issue. The SQL Setup program rewrites the account login
information on each node. If that is not changing, you should be OK without
having to go through setup. Worst case, you can manually change the service
account information on each node. DO NOT attempt to start the service
manually on any particular node. Make sure the service accounts have the
same permissions on the host nodes after changing domains. Be aware that
the machines will now be subject to Group Policies which may change things
in unexpected ways.
The second is changing the FQDN of the system. If the IP domain is
different after the change, you may run into problems with client
connections. A DNS alias record can fix this faster than any other method.
If the actual host names change, then a cluster rebuild may actually be
faster. The other way to handle node renaming is to kick out each node one
at a time, change the host name, add it back to the cluster, reinstall SQL,
reapply hotfixes.
--
Geoff N. Hiten
Senior Database Administrator
Microsoft SQL Server MVP
"CarolinaKB" <CarolinaKB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CB00A57B-A0E5-450D-9C83-9818B7883595@xxxxxxxxxxxxxxxx
>I have a 2 node Windows 2000 Active/Passive Cluster running SQL Server 2000
> Enterprise Edition. The cluster supports a 24x365, mission critical
> application.
>
> The nodes are currently members of a Windows NT4 domain which trusts a
> Windows 2003 Active Directory Domain. All user and service accounts
> (including SQLServer and SQLServer Agent accounts) are "ADDomain"
> accounts.
>
> I am planning on using the procedure described in KBs 269196 and 319016 to
> move the cluster from "NT4Domain" to the trusted "ADDomain". The TCP/IP
> names and addresses will not change, and to reiterate, the user and
> service
> accounts are already logging into the trusted domain "ADDomain", not
> "NT4Domain".
>
> When I look at 319016, however, I get the impression that that KB was
> written more to address a changed TCP/IP domain as opposed to a changed
> Windows domain. My questions are:
>
> 1) Does 319016 even apply in this situation?
>
> For example, step 1 of 319016 calls for a rerun of SQLServer setup. Since
> 1) the TCP/IP address is not changing and 2) the SQL service account is
> not
> changing, do I need to perform step 1? I'm not sure what all setup might
> be
> doing there.
>
> Also, step 2 of 319016 calls for the new TCP/IP address to be entered for
> each instance. Again, the IP address is not changing. As info, there is
> only the default instance.
>
> 2) I think that I need to move both nodes into the new domain and restart
> the cluster service on both (with SQLServer resources kept offline) before
> any SQL changes. Is that correct?
>
> 3) Assuming there are no GP changes, are there other concerns I'm
> overlooking? I saw a similar question in which the admin was leaning
> toward
> rebuilding from scratch instead of moving the cluster. That seems like a
> lot
> more work (rebuilding systems, cluster resources, and
> reinstalling/configuring applications) than moving as described above.
>
> Thanks for any feedback
>
.
- Follow-Ups:
- Re: Changing Windows Domain
- From: CarolinaKB
- Re: Changing Windows Domain
- References:
- Changing Windows Domain
- From: CarolinaKB
- Changing Windows Domain
- Prev by Date: Upgrade to Cluster
- Next by Date: Re: Upgrade to Cluster
- Previous by thread: Changing Windows Domain
- Next by thread: Re: Changing Windows Domain
- Index(es):
Relevant Pages
|
