Announcement

Collapse
No announcement yet.

Copy accounts to other domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Copy accounts to other domain

    Hello,

    Current situation:
    2 domains, both in Windows 2000 Native Mode : OW_HA [ontwerpwetenschappen.ha.be] and OWRESNET [owresnet.ha.be].
    They are not linked.
    OW_HA has a lot of problems (missing 1 FSMO role due to hard crash of server when backups weren't there).
    I have no control over the domain ha.be

    What I like to achieve:
    I've set up a new forest root OW [ow.ha.be] in Windows 2000 Mixed mode (on Server 2003) under which I like to:
    - Move the existing OWRESNET below OW, changing DNS to res.ow.ha.be
    - Create a new domain HVDV below OW with DNS hvdv.ow.ha.be, with a copy of a part of the user accounts from OW_HA
    - Create a new domain PO below OW with DNS po.ow.ha.be, with a copy of the rest of the user accounts from OW_HA

    The problem is now, that I cannot remove OW_HA before I have HVDV up and running. So a migration isn't possible.

    I'm actually asking how to copy accounts, including passwords, from one domain to another.

    Tnx.
    Toni Van Remortel
    System and Network administrator

  • #2
    Re: Copy accounts to other domain

    Originally posted by netwerk.ow View Post
    - Move the existing OWRESNET below OW, changing DNS to res.ow.ha.be
    You can't move a domain belonging to one forest to another forest. This just can not be done...

    Can you please be more specific about your AD layout ? Something like:
    Forest1: corp.domain.com
    Forest root domain: corp.domain.com
    Child domain: child.corp.domain.com
    Additional tree in the forest: rd.domain.com

    New forest:
    etc...
    etc...
    Guy Teverovsky
    "Smith & Wesson - the original point and click interface"

    Comment


    • #3
      Re: Copy accounts to other domain

      Hmz, moving not an option ... then it will be a copy/delete action. Hope that will work.

      Current DNS situation:
      OW_HA : ontwerpwetenschappen.ha.be
      OWRESNET : owresnet.ha.be
      I have no controll over ha.be

      Wanted situation:
      Forest root OW: ow.ha.be
      OW_HA ->copy accounts to-> HVDV: hvdv.ow.ha.be
      OWRESNET ->move entirely-> res.ow.ha.be
      new PO -> po.ow.ha.be

      Comment


      • #4
        Re: Copy accounts to other domain

        Current DNS situation:
        OW_HA : ontwerpwetenschappen.ha.be
        OWRESNET : owresnet.ha.be
        I have no controll over ha.be
        Do you mean that there exists Forest root domain with ha.be DNS name or that you have no control over ha.be DNS zone ?

        In any case, you can not move a doman entirely from one forest to another. the only option is to perform a full migration of computer and user accounts.

        One of the options might be:
        1) Rename owresnet.ha.be domain to ow.ha.be
        2) Create res.ow.ha.be child domain and move all user, group & computer accounts to the child domain using either "movetree" utility or ADMT
        3) Create new child hvdv.ow.ha.be domain and use ADMT to migrate accounts from ontwerpwetenschappen.ha.be to hvdv.ow.ha.be
        4) Create new child domain po.ow.ha.be

        The above gets more tricky if you have Exchange in play - you will have to upgrade the domain to 2003 Native to be able to rename it safely.

        Another option would be to build the new forest from scratch will all the domains and migrate the existing domains to corresponding new domains in the new forest.

        Just out of curiousity, what are the sizes of the domains we are talking about ? Why do you want to have seperate domains ? Any special reason not to create a new single-domain forest and migrate all the users to it ?
        Guy Teverovsky
        "Smith & Wesson - the original point and click interface"

        Comment


        • #5
          Re: Copy accounts to other domain

          Originally posted by guyt View Post
          Do you mean that there exists Forest root domain with ha.be DNS name or that you have no control over ha.be DNS zone ?
          I have no control over the ha.be DNS zone. Which is no problem as far as I know.

          Originally posted by guyt View Post
          The above gets more tricky if you have Exchange in play - you will have to upgrade the domain to 2003 Native to be able to rename it safely.
          Luckily there is no Exchange involved here

          Originally posted by guyt View Post
          Another option would be to build the new forest from scratch will all the domains and migrate the existing domains to corresponding new domains in the new forest.
          I think that will be the best solution. I know now that a migration is possible without too much hassle.

          Originally posted by guyt View Post
          Just out of curiousity, what are the sizes of the domains we are talking about ? Why do you want to have seperate domains ? Any special reason not to create a new single-domain forest and migrate all the users to it ?
          The current OW_HA domain has about 2100 accounts.
          The reason for split up is quite political. The department OW has 5 educations, of which PO wants to have control over their own domain. Thus the split up from OW_HA to HVDV and PO. But some department wide licenses have to stay, so I need a top level domain for the department (OW), and domains for each education (luckily 4 of them do stick together) and the research lab.
          Student domains have very high security policy's, the research domain doesn't.

          That's why I need to change it all. And the current OW_HA domain has a lot of problems due to a domain controller crash and a non working backup.

          Anyhow, thanks for the info and replies. I'll try to create the new domains, but I won't migrate accounts. Changes in the administrative software made my automation system go kaput (no usable ID anymore in that system), so I have to change the students logon to their e-mail address (which is maintained somewhere else). But I'll fix that later.
          Last edited by netwerk.ow; 15th January 2007, 10:38.

          Comment

          Working...
          X