Building new domain alongside current set up, then swap over
I have been into a school today that is in a bit of a pickle. This junior school used to be a RM CC3 network. It has around 80 clients. A part time technician moved the school away from RM network to a vanilla install. The trouble is the network is in a complete mess as the guy who set it up was not experienced enough hence the mess.
The staff and limited students can lo gin to the vanilla network but there is no GPO security and the permissions on folders are ridiculous.
I have a spare server which i thought about building a separate domain, set ting up DHCP and DNS correctly. Then importing all user accounts (or even setting up from new with scripts) and getting a fresh start. I could then use the current server to add as a second DC. I could build this network with out disrupting the current one then just swap over during half term and they would be ready to go with the new domain after the half term holiday.
Is this feasible, pitfalls etc?
Re: Building new domain alongside current set up, then swap over
I had to do this when I started here - same thing - they had moved out from the LEA, but had no GP's, etc
At first I created a GP to lock the kids down as damage limitation, then on an isolated server I created a new DC - set up all the relevent GPO's, User accounts, DNS, DHCP, etc etc, then come half term, simply took down the old DC, plugged the new one in, and rejoined all the PCs to the new Domain..
Took most of the week (Feb half term) and there were some teething problems, but it worked.
What I would recommend though is that you re-image all your PC's as soon as you can after as there are always buried links to the old system that crop up..
The following suite will help with the user migrations
Costs about £50 but well worth it - you can export virtually all the relevent AD attributes for users and then import them into the new domain