Re: root forest AD DC crashed
- From: "Jorge de Almeida Pinto [MVP]" <SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx>
- Date: Thu, 20 Jul 2006 15:17:43 +0200
although giving it the same name you cannot attach the child domain to
it.... it is another forest root domain.
the way to migrate would be to use ADMT...
Migration high level steps are:
* Make sure the AD has been configured (sites, subnets, replication, OUs,
GPOs, delegations, DNS, WINS, DHCP, etc.)
* Setup name resolution (WINS or DNS) between source and target
domain/forest
* Setup trusts (if an external trust is configured and sidhistory is used,
disable sid filtering)
* Install and configure migration tooling
* Migrate groups, user accounts with passwords and group memberships (with
sidhistory)
* Migrate clients from the source domain to the target domain, translate
security on the client, and translate profiles (at this moment users start
logging on with their new AD account on the migrated clients that have been
migrated previously to the w2k3 domain)
* Migrate mailboxes if needed
* Migrate servers to the new domain or migrate data to new servers
* Translate security (Re-ACL) of the data/resources from source security
principals to target security principals (replace the security descriptors
from the old domain with the security descriptors from the new domain )
* Cleanup temporary configurations
* Cleanup sidhistory (recommended!). sIDHistory is used to access resources
while those resources still have security descriptors from the old domain.
As soon as all data (file, folders, mailboxes, etc.) have been re-ACL-ed
sIDHistory can be cleaned. Sidhistory should only be used temporary for
migration purposes!
* Remove trusts
* Decommission old domain(s)
a suggestion from me would be:
Don't have two domains in the forest which one DC only for each domain, but
instead have 1 domain with 2 DCs if that is OK for you
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Krishna" <k_mrNOSPAM@xxxxxxxxx> wrote in message
news:uwwpRQzqGHA.1976@xxxxxxxxxxxxxxxxxxxxxxx
Jorge, yes for all was correct.
Since our shop is more of Novell we don't have many DC's.
New forest is created when I rebuild my First DC/Forest root server.
Please explain what tools to use for migration from my second domain and
what options to choose.
Thanks
.
- Follow-Ups:
- Re: root forest AD DC crashed
- From: Krishna
- Re: root forest AD DC crashed
- References:
- root forest AD DC crashed
- From: Krishna
- Re: root forest AD DC crashed
- From: Jorge de Almeida Pinto [MVP]
- Re: root forest AD DC crashed
- From: Krishna
- Re: root forest AD DC crashed
- From: Jorge de Almeida Pinto [MVP]
- Re: root forest AD DC crashed
- From: Krishna
- root forest AD DC crashed
- Prev by Date: Re: Inplace Upgrade
- Next by Date: Cleanup after manually removing a DC
- Previous by thread: Re: root forest AD DC crashed
- Next by thread: Re: root forest AD DC crashed
- Index(es):
Relevant Pages
|
