MERGING DOMAINS - Steps ?

M

Majstor

Hello,

I have 2 W2000 domains - 1 for domain users on LAN, lets say "DOMAIN";
allmost all computers belong to it, 1 DC.
1 only for mail server, let`s
say "MAILDOMAIN" , DC is also the only member of domain.

Now, to avoid double business, I want TO MERGE THESE 2 DOMAINS:

1. Domain name should be neither of the existing 2 but mapped to OUR COMPANY
DNS DOMAIN "COMPANY.COM"
2. Accounts created in AD should be automatically used by Mail server (not
to create separate accounts for each user).
3. A new domain name "COMPANY.COM" should be exactly the one used by Mail
server ([email protected]).


Is this a risky operation?
I mean I have to remove 1 DC ("MAILDOMAIN"), rename the other one ("DOMAIN"
to "COMPANY.COM"), change DNS etc.

What is the order of moves?

Regards,
Vladimir
 
C

Christopher Tunnecliff

I'd build the new domain structure and test it is stable.
Then create the trusts between all the domains.
If the domains are NT4 then use NetIQ's Domain Migration
administrator (works well)

If the domains are 2K then use the ADMTv2 from the Windows
2003 Server (or Beta version) CD

Steps.

Create secondary DNS zones in the new domain
Create the OU structure you require.
Migrate the groups and translate the security on all
servers (so you have Domain A security groups alongside
Domain C security groups)
Migrate the users and add them into the groups
Do another security translation to remove the security
groups from the old domains on all servers

Very simplistic above and assumes no E2K servers
involved. Get in touch if you want more info.

Chris.
 
M

Majstor

When you say "migrate" and "translate" do you mean using ADMTv2 or manually
creating groups, users and security?
And what of those steps you stated, are conducted by that tool ?

Vlada
 
C

Christopher Tunnecliff

Migrate and translate are done by ADMTv2

The only thing I'd recommend you manually doing is
creating the OU structure in AD and creating any
Group/Domain policies manually.

The user accounts (and even passwords if you are merging
to AD domains) can be migrated.
The ADMTv2 toold migrates the groups and then will search
all servers (that you specify) and either replaces the
GUID with the migrated groups GUID, Adds the GUID
alongside the existing one, or just removes the old one.

This is alot to talk about in a newsgroup (and slow) so
please feel free to e-mail me directly as I am just
testing this again because we are merging 2 forests.

Chris.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Global Catalogs in Multiple Domain forest 6
Replication intersite troubles 3
Remote site setup 1
Separating trusted domains 4
AD/DNS Issue 6
remove sub-domain on root domain 2
Connecting 2 domains over a VPN 2
Child dc trouble 3

Top