+ Post New Thread
Results 1 to 6 of 6
How do you do....it? Thread, Starting again - new domain in Technical; Okay, I'm thinking big. I want to scrape our existing domain and start completely from scratch - well almost. AD ...
  1. #1

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,835
    Thank Post
    874
    Thanked 937 Times in 774 Posts
    Blog Entries
    9
    Rep Power
    335

    Starting again - new domain

    Okay, I'm thinking big. I want to scrape our existing domain and start completely from scratch - well almost.

    AD and GPO's have become something of a mess over the years and I've never liked the choice of domain name. Also can't be 100% sure what services rely on an old admin password. Need to clean this up and get it working properly/securly.

    However, we run Hyper-V servers that are joined to the exiting domain, looks like I've got a chicken and egg situation.

    What I'm thinking is making the Hyper-V servers DC's for the existing domain then getting rid of the existing DC's. The Hyper-V servers and the main storage server will remain on the existing domain.

    I can then create a complete new forest as virtual machines running on the hyper-v servers. This will then let me create new virtual domain controllers with new clean GPO's and security groups.

    So, the question comes down to user migration. Do I...

    a) Create new users accounts on the new domain, copy user files from the file server into a new virtual file server on the new domain

    b) Create a forest trust, migrate users to the new domain, copy user files from the file server into a new virtual file server on the new domain

    c) Create a forest trust, migrate users to the new domain, leave files on the old domain providing access through the forest trust

    d) Create new user accoints on the new domain, create a forest trust, leave files on the old domain providing access through the forest trust

    e) Something else I haven't thought off

  2. #2

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,835
    Thank Post
    874
    Thanked 937 Times in 774 Posts
    Blog Entries
    9
    Rep Power
    335
    Bump!

    Posted this a bit late last yesterday so thought I'd bump it this morning. Anyone got any advice/experience of switching domains?

  3. #3

    Theblacksheep's Avatar
    Join Date
    Feb 2008
    Location
    In a house.
    Posts
    1,946
    Thank Post
    139
    Thanked 291 Times in 211 Posts
    Rep Power
    193
    When we moved from CC3 we created new domain, allowed trust and stored and the old domains files on the new domains servers. When we switched over between the domains happened the data was exactly the same. Then the old domain could be removed once the switch was made.

    We use VMware so don't have to worry about HOSTS being on domains
    Last edited by Theblacksheep; 15th November 2013 at 08:56 AM.

  4. Thanks to Theblacksheep from:

    tmcd35 (15th November 2013)

  5. #4

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,835
    Thank Post
    874
    Thanked 937 Times in 774 Posts
    Blog Entries
    9
    Rep Power
    335
    Quote Originally Posted by Theblacksheep View Post
    When we moved from CC3 we created new domain, allowed trust and stored and the old domains files on the new domains servers. When we switched over between the domains happened the data was exactly the same. Then the old domain could be removed once the switch was made.
    Where your domains in the same forest, or do you create a new forest and a trust between them?

    So you moved files to the new domain, users logged onto the old domain and could access their files across the trust?
    Then copy the users to the new domain, and the folder access rights should update automatically?

  6. #5

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,818
    Thank Post
    272
    Thanked 1,138 Times in 1,034 Posts
    Rep Power
    350
    Quote Originally Posted by tmcd35 View Post
    Where your domains in the same forest, or do you create a new forest and a trust between them?

    So you moved files to the new domain, users logged onto the old domain and could access their files across the trust?
    Then copy the users to the new domain, and the folder access rights should update automatically?
    If you are wanting to completely remove the original domain completely I would create 2 forests and then setup a trust between the two forests.

    The folder rights wouldn't update automatically (I don't think).

    But if you saved this batch into each share it will set permissions based on the foldername (so as long as the folder name is the username you sorted). Obviously change the groups in speech marks to who you would like to allow permission. In this Example Manage Student Data has full control and Teaching Staff are read only.

    for /d %%1 in (*) do echo y|cacls %%1 /t /g %%1:F administrators:f "manage student data":f "domain admins":f system:f "teaching staff":r

  7. Thanks to glennda from:

    tmcd35 (15th November 2013)

  8. #6

    Theblacksheep's Avatar
    Join Date
    Feb 2008
    Location
    In a house.
    Posts
    1,946
    Thank Post
    139
    Thanked 291 Times in 211 Posts
    Rep Power
    193
    Quote Originally Posted by tmcd35 View Post
    Where your domains in the same forest, or do you create a new forest and a trust between them?

    So you moved files to the new domain, users logged onto the old domain and could access their files across the trust?
    Then copy the users to the new domain, and the folder access rights should update automatically?
    Thats it cross forest trust, dont use the same forest. All right except the access rights should be corrected by scripts as they wont update automatically.

SHARE:
+ Post New Thread

Similar Threads

  1. Setting Up New Server and New Domain
    By Zoom7000 in forum Windows
    Replies: 14
    Last Post: 2nd June 2007, 08:16 PM
  2. New domain dns problem
    By Jamie_a in forum Windows
    Replies: 6
    Last Post: 12th March 2007, 03:17 PM
  3. SIMS - Migration to new Domain
    By Gatt in forum Windows
    Replies: 2
    Last Post: 20th December 2006, 01:06 PM
  4. Cannot join pc's to new domain :( - Solved :)
    By richard in forum Wireless Networks
    Replies: 11
    Last Post: 7th December 2006, 09:06 AM
  5. I'm going to start a new business...
    By indiegirl in forum General Chat
    Replies: 1
    Last Post: 9th August 2006, 10:07 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •