Removing a domain from a forest

G

Grant

Hi,

Would anyone be able to point me in the right direction for this scenario:

"Company A" has a Native Windows 2000 native domain lets call it abc.com
"Company X" were sharing office space and were providing accountancy
services to Company A.
Because users in Company X had to be able to access resources in Company A's
domain, Company X decided to buy a server and install it as a Domain in
Company A's Forest - let's call their Domain xyz.com.

There has now been a parting of the ways and Company X are moving out to a
new location as they have lost the contract with Company A.

My question is: How does each or either company proceed to disentangle each
Company's domain from the other?
Ideally Company X would like to have their own forest with xyz.com at its
root and Company A just want rid of all trusts between the two but cannot
see how to remove them using AD Domains and trusts.

Will Company X need to demote their DC then promote it into a new forest?

Any help gratefully accepted

Grant
--
 
K

Kevin D. Goodknecht Sr. [MVP]

Grant said:
Hi,

Would anyone be able to point me in the right direction for this
scenario:

"Company A" has a Native Windows 2000 native domain lets call it
abc.com "Company X" were sharing office space and were providing
accountancy services to Company A.
Because users in Company X had to be able to access resources in
Company A's domain, Company X decided to buy a server and install it
as a Domain in Company A's Forest - let's call their Domain xyz.com.

There has now been a parting of the ways and Company X are moving out
to a new location as they have lost the contract with Company A.

My question is: How does each or either company proceed to
disentangle each Company's domain from the other?
Ideally Company X would like to have their own forest with xyz.com at
its root and Company A just want rid of all trusts between the two
but cannot see how to remove them using AD Domains and trusts.

Will Company X need to demote their DC then promote it into a new
forest?
Click to expand...

I've never tried this, but I wondered if it could be done.
Remove the Company X DC from the network, seize the Schema master, Domain
Naming Master, and if it is not already seize the PDC, Infrastructure and
RID Master roles using NTDSUtil. I'm sure someone may have tried this, but
the only other choice is demoting the DCs in which user accounts will be
lost. The only thing I cannot verify is if the Domain you remove can become
its own forest root once it is removed from the original forest root. The
original forest root should have no problem after doing the metadata cleanup
on it. I've not found any articles for removing the forest root domain from
a forest of multiple domains or if it is possible.
I suppose this is something I should run a test on.

Use NTDSUtil to remove the now orphaned domains from Active Directory on
both networks by first removing all DCs of the other domains.

How to remove data in Active Directory after an unsuccessful domain
controller demotion
http://support.microsoft.com/default.aspx?scid=kb;en-us;216498

HOW TO: Remove Orphaned Domains from Active Directory Without Demoting the
Domain Controllers
http://support.microsoft.com/kb/251307/en-us

How To Remove Orphaned Domains from Active Directory
http://support.microsoft.com/kb/230306/EN-US

If these where Win2k3, I'm pretty sure this could be done with domain rename
(rendom.exe)
 
P

Paul Bergson

We sold a company off and seperated the two. What we did was promote a new
dc and used this dc to keep the other systems intact. We handled the
seperation so none of our information went along with. The thing that has
to be understood is you will both have the same forest guid, so you could
never talk to that domain again.

I wouldn't recommend this, I would recommend creating a new forest and
domain and from this run Active Directory Migration Toolkit v3 (ADMT). This
will allow you to move all the permissions, users, machines, groups, etc...

http://informit.staging.informit.mttech.com/articles/article.asp?p=170286&seqNum=2&rl=1

http://www.microsoft.com/technet/pr...elp/7929b0c4-efe1-409c-99e3-efe9815f426d.mspx

--


Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Migrating Accounts from one 2k forest into another 2k forest 2
Inter Forest Migration 1
Forest root domain nameing 2
Migrating forests 1
Inter-Forest Trust with AD Delegation 2
Migrating objects from one Domain to Another 1
2 Forest in one network. Not able to connect domain 9
Dedicated Forest Root Domain 4

Top