Re: 2003 AD upgrade and consolidation
- From: Ken Manohar <KenManohar@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 15 Dec 2006 06:38:01 -0800
Hi Herb,
I want to have one root in a single tree.
The plan is to have one server as the forest root in a new AD domain e.g.
abc.local. Then I would have a second server as a new tree root in an
existing AD forest e.g. abc.com. For each subisdary, I would place a server
to act as their new DC and join this server as a child domian e.g.
sub1.abc.com, sub2.abc.com.
The forest root and tree root are seperated in case the client accquires
further subsidaries. A trust relationship will be set up between the forest
root and the new subsidary at the beginning. When the new subsidary can
comply with the company's policies, it will be made a child domain as the
other subsidaries.
Right now each subsidary has their own seperate AD forest. The plan involves
creating domains which are different from the domain names currently being
used. New DC's will have to be built and a migration done from the existing
domain to the new one.
Glad to hear that ADMT can transfer computer accounts. So after I build
domain controllers for the new forest root, tree root and child domains, I
can used ADMT to transfer the user settings and computer accounts, etc. Then
used the File Transfer Wizard to migrate the files. This will keep the
permissions in the new domain?
Once the ADMT transfers the servers account, the server apps should continue
to work. They are already running on Windows 2003 servers and have no
dependency on the domain name.
Welcome your comments,
Ken
"Herb Martin" wrote:
"Ken Manohar" <KenManohar@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message.
news:1C0D025E-8431-4C15-8ADB-4F6DAB464D2C@xxxxxxxxxxxxxxxx
Hi Good Day,
A client would like to utilized the centralized management provided by
Active Directory.
They have a number of subsidaries, each with their own AD forest. A
mixture
of Windows 2000 and Windows 2003.
The client would like to create one Forest Root and one Tree Root. Then
have
the subsidaries as child domains to this tree root.
Do you mean "one each" or one Root in a single tree?
Additional Trees are ONLY about having different DNS suffixes.
Any ideas on the best way to do this migration? The method I have so far
is
to:
1) Build all the 2003 servers (Forest root and tree root on different
servers)
What is the point of the "Forest root" if there is going to be
another tree root? (It may make sense but hearing the idea
would help us to help you.)
2) Promote to domain controller
Promote what? Once you have the domains you have
at least some DCs. Nothing wrong with more of course.
3) Use ADMT to transfer user settings
And users, passwords, computers, groups, OUs ...
4) Use the file transfer wizard to transfer files/shares and permissions
Watch our for User Profiles which may not get included by
default.
5) Manually unjoin and join each workstation to the new domain
The ADMT can be used to actually create the computer
accounts.
The client does not use Exchange. Their applications are compatible with
Windows 2003.
Watch out for duplicate names, especially if these
are large domains (the odds of a clash increase.)
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
Thanks in advance,
Regards,
Ken
- Follow-Ups:
- Re: 2003 AD upgrade and consolidation
- From: Herb Martin
- Re: 2003 AD upgrade and consolidation
- References:
- Re: 2003 AD upgrade and consolidation
- From: Herb Martin
- Re: 2003 AD upgrade and consolidation
- Prev by Date: gpo applied but not making changes
- Next by Date: Re: Urgent - please help
- Previous by thread: Re: 2003 AD upgrade and consolidation
- Next by thread: Re: 2003 AD upgrade and consolidation
- Index(es):
Relevant Pages
|
