AD 2000 design question

  • Thread starter Ladanian Tomelson
  • Start date
L

Ladanian Tomelson

Someone didn't know what they were doing when setting up Active
Directory for a company. That consultant is out, and I'm rushing in
with the wonderful task of fixing up their crappy AD design.

There are two servers. For purposes of the newspost I will name the
servers and domain differently. ServerA is a file server, ServerB is
the Exchange server.
Both servers are windows 2000 but seem to be setup as two different
forests:

ServerA:
AD domain: ABC.COM
FSMO Roles: Schema,Domain Naming, RID, PDC, Infrastructure

ServerB:
AD domain: Domain.ABC.COM
FSMO Roles: Schema, Domain Naming, RID, PDC , Infrastructure

Both servers are global catalogues. They are not replication partners
which leads me to think they are two different forests despite the
naming conventions which is now looking to be pretty misleading.

When a new user is created, that same user account has to be created
on both servers because end users have to access resources on both
servers. Sounding like a shitty design already?

Anyway what I would like to do is just have one domain: ABC.COM
The problem is the exchange server is on "Domain.ABC.COM". How would
this effect the Exchange server?

The easiest way (and correct me if I am wrong), given the info above,
is to DC Promo down Server A, then DC promo it up and join it to
"Domain.ABC.COM". Any forseable negative effects in doing this? I
would prefer having both servers on "ABC.com" however ;)

Hopefully some you Active Directory commanders can give me some
helpful insight on the issue at hand. Thanks!

Ladainian Tomelson
Running Back
San Diego Chargers
 
T

Tomasz Onyszko

Ladanian said:
Someone didn't know what they were doing when setting up Active
Directory for a company. That consultant is out, and I'm rushing in
with the wonderful task of fixing up their crappy AD design. (...)

Both servers are windows 2000 but seem to be setup as two different
forests:
(...)

Yes, You have two forests
When a new user is created, that same user account has to be created
on both servers because end users have to access resources on both
servers. Sounding like a shitty design already?
No, sounds like Exchange deployment with resources and account domain -
but I think that this is completly innecessery in this network -
especially that synchronization has to be done manually

Anyway what I would like to do is just have one domain: ABC.COM
The problem is the exchange server is on "Domain.ABC.COM". How would
this effect the Exchange server?

The easiest way (and correct me if I am wrong), given the info above,
is to DC Promo down Server A, then DC promo it up and join it to
"Domain.ABC.COM". Any forseable negative effects in doing this? I
would prefer having both servers on "ABC.com" however ;)

Hopefully some you Active Directory commanders can give me some
helpful insight on the issue at hand. Thanks!

Solution 1:

Use Exmerge to export mailboxes form Exchange server to pst files
Uninstall Exchange from Server B, Demote Server B, promote it as a
member server in abc.com domain, install exchange in abc.com, create
mailboxes for a users in abc.com domain, import pst files into users
mailboxes

Solution 2:
Use ADMT and Exchange migration Wizard to migrate the mailboxes between
these forests
http://www.microsoft.com/technet/pr...ide/913a25eb-ce2b-4743-8f4b-9b62f53c8af9.mspx
 
P

ptwilliams

In addition to Tomasz's excellent answer, you also have the simplest choice
of doing what you suggested - demoting the non-exchange DC and then
promoting it to a DC in the (exchange) domain. I can see no problems with
this, other than losing all directory data for that domain <g>. But you've
been duplicating the usernames, etc. anyway.

I suppose, it depends on which domain the clients are joined to. That's
where the leg work comes in. As if the clients are joined to ABC(1) then
they'll either need to be migrated, or added to the new domain.


--

Paul Williams

http://www.msresource.net
http://forums.msresource.net
______________________________________
Ladanian said:
Someone didn't know what they were doing when setting up Active
Directory for a company. That consultant is out, and I'm rushing in
with the wonderful task of fixing up their crappy AD design. (...)

Both servers are windows 2000 but seem to be setup as two different
forests:
(...)

Yes, You have two forests
When a new user is created, that same user account has to be created
on both servers because end users have to access resources on both
servers. Sounding like a shitty design already?
No, sounds like Exchange deployment with resources and account domain -
but I think that this is completly innecessery in this network -
especially that synchronization has to be done manually

Anyway what I would like to do is just have one domain: ABC.COM
The problem is the exchange server is on "Domain.ABC.COM". How would
this effect the Exchange server?

The easiest way (and correct me if I am wrong), given the info above,
is to DC Promo down Server A, then DC promo it up and join it to
"Domain.ABC.COM". Any forseable negative effects in doing this? I
would prefer having both servers on "ABC.com" however ;)

Hopefully some you Active Directory commanders can give me some
helpful insight on the issue at hand. Thanks!

Solution 1:

Use Exmerge to export mailboxes form Exchange server to pst files
Uninstall Exchange from Server B, Demote Server B, promote it as a
member server in abc.com domain, install exchange in abc.com, create
mailboxes for a users in abc.com domain, import pst files into users
mailboxes

Solution 2:
Use ADMT and Exchange migration Wizard to migrate the mailboxes between
these forests
http://www.microsoft.com/technet/pr...ide/913a25eb-ce2b-4743-8f4b-9b62f53c8af9.mspx
 
L

Ladanian Tomelson

Thank you both for your time and input. Due to the amount of time it
would take to implement an exmerge of all the mailboxes, the easiest
way to fix this design would be simply demoting serverA and promoting
it again to join the other AD domain. All of the workstations are
joined to ServerB's domain anyway so this would work out best. You
guys rock.
L
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Moving Operations Master Roles 1
GUID 5
W2003 DC in a 2000 Native AD 3
AD Trust to NT4 Domain 3
Server's migration 1
remove sub-domain on root domain 2
FSMO (Domain Naming and Schema owner) 4
FSMO Placement 2

Top