Re: Win NT to 2003 migration

From: Kevin D. Goodknecht Sr. [MVP] (admin_at_nospam.WFTX.US)
Date: 12/08/04 

Date: Wed, 8 Dec 2004 17:19:16 -0600

In news:A3C65B4E-2D71-4918-A90B-C0A5C68D80AC@microsoft.com,
Tom McNally <Tom McNally@discussions.microsoft.com> commented
Then Kevin replied below:
> "Kevin D. Goodknecht Sr. [MVP]" wrote:
>
> Thanks for reply. I am using what I guess you call a
> disjointed namespace. Their AD structure wants to allow
> for separate subdomains based primarily on geographic
> location, and their Exchange 2003 server (which will be
> hosted on this particular box) uses the gmxxx.com as the
> root domain name for mail addressing, so I thought best
> to have a primary domain -- gmxxx.com -- and a subdomain
> beneath of corp, and then reference the gmxxx.com with A
> records.
>
> Their old NT 4 network domain name was gmnc.com, which
> they didn't own. I suggested mirroring their registered
> name, which was longer (gmxxx is again an alias), but
> better suited to internet integration down the road. I
> should have checked the server's NIC card card DNS
> address to see how AD interpreted all this.
>
> Is it better to just have gmxxx.com as the full DNS name
> and forget about the corp.gmxxx.com DNS subdomain? If I
> create a DNS primary zone of corp.gmxxx.com, then I'm
> going to have trouble with Exchange 2003 resolving to the
> gmxxx.com. (Again, this is a private DNS structure for
> internal resolution.)

Actually using the third level name corp.gmxxx.com is a very good choice if
they actually own gmxxx.com. It is easier for the DNS hierarchy to work if
you have any remote sites or VPN clients.

> When I discussed this years back with Roger Angell, he
> suggested to me to separate into domain/subdomain
> structure that I spoke about in orig message. I must have
> screwed it up somehow and then promoted the server before
> I caught the error.

What is the AD domain name in ADUC?
What is the Primary DNS suffix on the DC?
Do these two names match?
Is there a matching forward lookup zone?

> If I modify DNS after having done the AD promo, must I
> DCPromo (uninstall AD), remove DNS, re-install DNS,
> configure, and then DCPromo to get the records
> functioning? I assume so since whatever DNS domains and
> subdomains, once installed and the server promoted to AD,
> keep sticking around.

Win2k3 gives you the option to rename your AD Domain.

> Also, apparently when a workstation connects first-time
> to a new domain, the workstation creates a new user
> profile (existing logon name with new domain suffix).
> Since I shouldn't use old domain name, would group
> policies provide simplest method for keeping or
> transferring folders and personal settings etc to the
> logon in the new domain?

You should use ADMT to migrate the old domain accounts to the new domain, if
you migrate the account SID the profiles will be migrated to the new domain.
User profiles are actually stored by the SID, so if you migrate the SID the
profile get migrated. 

-- 
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Relevant Pages

  • Re: AD Newbie Questions
    ... Remember that though DNS and AD are ... You can copy the profile over, either doing a straight copy (get the ... > I've reviewed a few books on Server2K3, but before I> promote my server to a Domain Controller, there are still a few specifics> where I'd appreciate some guidance. ... I would install Studio.NET on the XP Pro workstation. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Windows firewall spontaneously changes profiles
    ... but not at the same time as the firewall profile change. ... I assumed I couldn't register with DNS because the DNS servers on campus ... registration of the network adapter and its settings by typing "ipconfig ...
    (microsoft.public.windows.server.security)
  • Re: Problem in XP
    ... profiles from the network server in the domain. ... Windows cannot load the user's profile but has logged you ... The following error occurred when DNS was queried for the ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Unable to logon using Roaming Profile on a new server
    ... Connection-specific DNS Suffix. ... Server hosting Profile, ... > include network problems or insufficient security rights. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Domain Local/Roaming Profile Problems
    ... of the profile so that the local profile would be transferred upon logout, ... Logging on to the DOMAIN using the LOCAL ... a DNS issue really ... Failure to locate the Roaming profile server (which usually ...
    (microsoft.public.windows.server.active_directory)