AD Domain Move

  • Thread starter Thread starter volt
  • Start date Start date
V

volt

I have a quick question in regards to moving a AD domain
(example child domain 123.1234.com needs to be moved away
from the parent domain 12.1234.com). The child domain
123.1234.com domain will need to exist as a parent domain
and or root outside the parent 12.1234.com domain.
What are the possible steps that I can take to perform
this action and has anyone on this message board
performed this action. Any suggestions would be helpful..
Thanks..
 
One way would be to run dcpromo on all DCs in the child domain ( you will
loose all user accounts) to remove AD then run dcpromo a second time and
install as first DC in the forest/domain. Create users from scratch.
See:
HOW TO: Promote and Demote Domain Controllers in Windows 2000

http://support.microsoft.com/default.aspx?scid=kb;en-us;238369



Second way would be to create a "new interim" domain using a third box. Name
it what ever you want, it will go away soon. Create a trust with the child
domain you want to remove from the parent and use ADMT to migrate users to
the "interim" domain.

Then run dcpromo on the DCs in the child domain, run dcpromo a second time
to install AD as a root domain, then use ADMT to migrate users from the
interim domain to the new domain.



Third way would be to add a NT 4.0 BDC to the child domain replicate, run
dcpromo on all AD DCs in the child domain, then promote the NT 4.0 BDC to
PDC and upgrade to Win 2k and AD as a root domain.

Of course you have to be in mixed mode to do this.



hth

DDS W 2k MVP MCSE
 
Danny,
Thanks for the informative AD information. We do not
want to lose the users in the current child domain so
option one will probably not work. We would like to
import/export the users from the child domain to the new
root domain and then get rid of the old child domain. I
think that option two or option 3 could be the best bet
possibly?
Thanks
 
I would use option 3. I don't think your group policies will carry over when
you move the domain back to NT 4.0.

hth
DDS W 2k MVP MCSE
 
So if we used option 3 we would quite possibly lose our
group policies once we ran dcpromo on all DC's in the
child domain and then upgraded the NT 4.0 server to a PDC
and then WIN2K as root domain? How would we keep our
group policies without re-creating them?
Thanks again
 
Danny,
Thanks again for the information, I will review this
document and go from there. If you know of anyone who
has succesffully moved a child to a new root AD domain
with group polices installed that would be helpful. I
guess the only other option would be to perform option 3
(NT 4.0 BDC to a PDC, DC Promo all the child DC's, and
then promote PDC to WIN2K AD Root) and then jsut recreate
the group policies on the new root AD domain. Let me know
your ideas..
Thanks,
 
I have a group policy template I downloaded from http://techrepublic.com
You may have to sign up as a member to access the download section and
search for "Windows 2000 Group Policy". It should bring up the "Windows 2000
Configuration Template".

I use this spread sheet to document all my group policy settings. You may
find this helpful in manually transferring the GP settings, you may want to
keep it updated as part of your network documentation.


hth
DDS W 2k MVP MCSE
 
Also I use color coding to distinguish between group policies in the
template.
All items in yellow belong to the default domain GP, blue belongs to OU 1,
and so on.

makes it easier when/if someone else has to step in if I ever leave.

hth
DDS W 2k MVP MCSE
 
Danny,
Thanks again for the information, I will take a look at
this document and may apply to what we nee dto do here.
I know that we have a NetBIOS name issue with some of the
DC's once we Dcpromo them so I am thinking that I will
chance the NetBios name on the NT 4.0 machine before
upgradign to WIN2K and then I will probably use the
documentation you provided to import the GPO's across teh
domains.
Thanks man,
 
Back
Top