Re: Migrating Domain: Disable Old AD Domain Using LMHOSTS
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Sun, 8 Jun 2008 10:52:58 -0500
"ScottH---" <Scott_Newsgroup@xxxxxxxxxxxxxxxx> wrote in message
news:8AEB9703-D599-4AE1-B43F-8D62CF6F3A93@xxxxxxxxxxxxxxxx
We are migrating our domain to integrate into our new corporate owner's
domain. Our "FT" domain will be shut off.
To prepare for the change, I need to set up a test machine that will not
be
able to locate any FT entries. I have been told that I can do this by
using
the LMHOSTS file, directing the FT domain entries to another location.
This would not typically work for DNS requests since they get answered
(by DNS methods) before the NetBIOS (including LMHosts) methods
are even checked.
IIRC there is no wildcarding facility in either the LMHosts nor the
Hosts files either so you would theoretically need to enter every possible
record (in both).
What reference or documentation are you following that led you to this
idea? Maybe if we read that we will understand better what it is
recommending.
I've looked around and tried to figure out what I need to enter, but have
not been able to sort it out. I've tried adding the following line to the
LMHOSTS file:
101.10.10.0 primary #PRE #DOM:FT #nonexPDC
That would put in an (likely bogus) address for the name "primary" which
is checked before using WINS or Broadcasts (i.e., PRE-loaded into cache)
and is a Domain controller for FT domain.
You would need a record for EVERY (possible/existing) Domain
controller too.
You would still not prevent machines from trying to contact "Servers"
from that domain/workgroup.
I then run "nbtstat -R" and try to do a lookup against the FT domain. The
workstation can still find the FT results, so my change did not succeed.
Look ups aren't really done "against [the FT] domain" but rather for the
COMPUTER names and address.
Can you help me understand what I need to add to the LMHOSTS file to
DISABLE
the FT domain for testing?
Just to set a reference: I am one of the top NetBIOS (and DNS)
people around and I cannot imagine I would approach this in this
manner but maybe someone else knows what you are attempting
and how to do this. What reference are you following?
If you want to make sure that NetBIOS doesn't work for any FT
domain name then you need to do these things:
1) Make sure that you check your WINS Server (if any)
to ensure that no FT domain names are being registered.
2) Remove any machines or change the domain names on any
that try to do #1 and register names with WINS
3) Just change every machine to be in the OTHER domain/workgroup
name
4) Try broadcasting (e.g,, net view /domain:FT) on each subnet and
keep removing them
5) ...(it just doesn't hold together for me this way of thinking about
it)
What specifically are you trying to accomplish by this? (Not how you
expect to do it, but what the REAL GOAL is).
Sometimes we can find better ways....
.
- Prev by Date: Ports to open for Parent and Child domain
- Next by Date: Re: Domain Rename with Windows Server 2008?
- Previous by thread: Ports to open for Parent and Child domain
- Next by thread: RE: Migrating Domain: Disable Old AD Domain Using LMHOSTS
- Index(es):
Relevant Pages
|
