Jump to content



Photo

Migrate or start from scratch a AD?


  • Please log in to reply
29 replies to this topic

#16 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 35
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 28 February 2014 - 17:53

getting all of your ducks in a row is more american than specific to illinois. 

 

http://www.wisegeek....m#didyouknowout

 

as far as local profiles go, there is a utility to map their existing profile to a new user of a new domain...again why I recommend admt, this gets around needing that utility.  but if you must:

http://www.forensit....-migration.html




#17 Roger H.

Roger H.

    Neowinian Senior

  • Tech Issues Solved: 22
  • Joined: 18-August 01
  • Location: Germany
  • OS: Windows 8.1
  • Phone: Nexus 5

Posted 28 February 2014 - 18:51

http://demazter.word...indows-2008-r2/

 

I used that to migrate from SBS 2003 R2  to Server 2012 and Exchange 2010 in 2012. Was easy enough and worked just fine.

 

Used Hyper-V in Server 2012 to create a Exchange 2010 VM and installed it on that.

 

So as long as your machine has enough RAM you'll be just fine or just set a new physical machine as the host for Exchange.

 

----

Moved to Server Support



#18 Zidane

Zidane

    Spoutcraft Lead

  • Joined: 17-May 02
  • Location: Wisconsin
  • OS: Windows 8.1
  • Phone: Nokia Lumia 925

Posted 28 February 2014 - 19:02

I'd say scratch as well.

 

Just make sure that the new server's Domain isn't the same name as the old one and you could use the profile transfer wizard: https://www.forensit...e-computer.html

 

No worrying about users losing settings then ;).



#19 OP riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 01 March 2014 - 11:00

Hello,

Moved to Server Support

Thank you. I dont know why I posted it in the Network section.
 
 

I'd say scratch as well.
 
Just make sure that the new server's Domain isn't the same name as the old one and you could use the profile transfer wizard: https://www.forensit...e-computer.html
 
No worrying about users losing settings then ;).

It would be the same.

About user's settings and such...what settings are we talking about exactly? I know desktop arrangement, wallpaper, etc. all that but besides that?

#20 Aergan

Aergan

    Neowinian Senior

  • Tech Issues Solved: 7
  • Joined: 24-September 05
  • Location: Staffordshire, UK
  • OS: Windows 8.1 Pro | Xubuntu | OSX Yosemite| Server 2012 R2 | Ubuntu Server
  • Phone: Sony Xperia Z1

Posted 01 March 2014 - 11:04

If you're coming from a 2003 based environment and have the opportunity to start from scratch, take it - you'll be better off (especially for future upgrades).
If this was coming from a 2008/2008R2 based original deployment then I would look to migrate.

#21 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 106
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 03 March 2014 - 16:31

I wouldn't use the same domain name..  change it up a bit, change the tld or be more descriptive, etc.  This is a good time say use a .lan or .tld that does not match up with public registered domains - this removes any issues with internal and external name resolution.  Maybe you have yourdomain.com for web and use yourdomain.net for internal, etc.

 

As to profiles, possible you loose application settings, bookmarks, etc.  Its not like the anything will get removed the old profile will still be there, etc..  But users can be bitchy -- but my recycle bin icon use to be in the top left corner of the screen, now you have it the bottom left ;)



#22 OP riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 03 March 2014 - 16:58

Hello,

I wouldn't use the same domain name..  change it up a bit, change the tld or be more descriptive, etc.  This is a good time say use a .lan or .tld that does not match up with public registered domains - this removes any issues with internal and external name resolution.  Maybe you have yourdomain.com for web and use yourdomain.net for internal, etc.
 
As to profiles, possible you loose application settings, bookmarks, etc.  Its not like the anything will get removed the old profile will still be there, etc..  But users can be bitchy -- but my recycle bin icon use to be in the top left corner of the screen, now you have it the bottom left ;)

I wouldnt even know what to change it to.

Lets say our company (this is a example) is named "McDonald Hamburgers". Our website is "mdh.com" Our internal FQDN is currently "mcdonald-hamburgers.local" and use "MCDONALDN" as our domain. Between them, there is currently NO relation between them at all.

Based on that, what do you suggest as a name change?

#23 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 106
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 03 March 2014 - 17:12

Nice that your using .local  -- based on your example I would maybe say do MCDS.local, no reason to have such a long domain name..  or MH.local maybe.  No reason why your internal can not match up with your external, just use different tld like your doing to your internal could be mdh.local as well.

 

But I would make sure that the FQDN and the netbios version of your domain is different while you run them at the same time.



#24 OP riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 03 March 2014 - 17:25

Hello,

Nice that your using .local  -- based on your example I would maybe say do MCDS.local, no reason to have such a long domain name..  or MH.local maybe.  No reason why your internal can not match up with your external, just use different tld like your doing to your internal could be mdh.local as well.
 
But I would make sure that the FQDN and the netbios version of your domain is different while you run them at the same time.

Well, it seems then that

mdh.com
mdh.local
MDHN

Would be good names :) Short and sweet.

#25 ShadowMajestic

ShadowMajestic

    Neowinian Senior

  • Joined: 16-April 10
  • Location: Netherlands
  • OS: Windows 8 Pro 64bit
  • Phone: Nokia Lumia 920

Posted 03 March 2014 - 17:33

Just a suggestion if you would like to use exchange (or similar)

 

http://domains.live.com/ free up to 100 email addresses, since its 18 user environment I thought I'd throw it up.



#26 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 106
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 03 March 2014 - 17:33

not MDHN.. you need a tld.



#27 OP riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 13 March 2014 - 12:03

Hello,

not MDHN.. you need a tld.

MDHN is the NetBIOS name I think.

#28 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 106
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 13 March 2014 - 12:28

Well that is fine, but you know the pre-2000 domain name or netbios name doesn't have to fall in line.  You could use I believe anything up to 15 characters so it could be Mcdonalds for example.  But yeah makes more sense to match it up to what your fqdn is.



#29 ziph

ziph

    Neowinian

  • Joined: 26-August 09
  • Location: Denmark
  • OS: Win 8.1
  • Phone: Android

Posted 03 April 2014 - 19:30

If you could get the new domain up alongside the old, you could get the sid's from the old domain to the new users on the new domain.

sid-history can be real nice when the old UID shows up on the new server, so the ressources the UID had before will stil be available.

 

Then again, maybe in your situation it is a little overdoing it, if the only ressources you need to migrate is fileaccess.

 

We migrated around 40K users on my university in the last year or two, all with sid history (admt), but actually we just decided to wipe them all, since they are creating some annoying issues for certain applications (nilex/vcenter) etc. And in the end, having sid history, is really also tying one in the old environment, which we should really just migrate to our new domain anyway.

 

So, build your new domain, make all your file permission groups.

If you could make a trust to the old domain, you could allow users from there (or groups) acces through the new domain aswell. Untill you have everything settled and you can disconnect the trust, and do away the old domain.

 

There are more than one way to your goal, the question is how much you want to disturb your users. With a trust, you could migrate everyone slowly but without much fuss for the users, and take one at a time.

Also there is the nifty tool in windows 7 if you are running that, "windows user migration tool", you can save ppl's profile,to a share, and import it after you joined the new domain, to keep all settings and make them use the new domain. Just go to advanced when you import, and match your user with the new domain. I used that alot over the years with great success.



#30 PGHammer

PGHammer

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 31-August 03
  • Location: Accokeek, MD
  • OS: Windows 8 Pro with Media Center x64

Posted 19 April 2014 - 19:45

I'd say scratch as well.

 

Just make sure that the new server's Domain isn't the same name as the old one and you could use the profile transfer wizard: https://www.forensit...e-computer.html

 

No worrying about users losing settings then ;).

I agree - start from scratch, and especially if there are going to be hierarchical changes in the directory structure in the new AD forest.

Despite my AD in my virtualization lab being based on a single controller, I have left space for all the things I don't have (backup DCs, Exchange or other mail servers, etc.) in the structure.

Even better, you can dry-map out the entire domain in your application of choice (it can be a text-file, for that matter) and then input it into System Center 2012R2 as a template for trees in your existing forests, or even whole new forests.  (With minimal tweakage - which you can do right in SC 2012R2, or even SC 2012, you can do either or both, depending on your needs.)

 

I can only hope that the forthcoming System Center Essentials offers enough of the same capabilities that SMBs and even home users can leverage without it getting too expensive.