Starting over with AD using same domain name

  • Starting over with AD using same domain name

    Here is my dramatic story!!!

    I have been on the job about 1 month and have been putting out fires the whole time. I have the following infrastructure:

    3 servers

    server 1: Domain Controller, Exchange 2007 & Sharepoint

    Server 2: Blackberry Server & FTP Server

    Server 3: Radius, Syslog, & Custom App

    1 NAS (Does not support AD Integration)

    Here is my problem: server 1 is dying. It started out as little errors here and there but it has increased to SharePoint errors every 5 mins, DNS errors and problems with AD accounts.

    I have no problems with Server 2 and 3...

    My plan is to build a new server as a DC (keeping it off the network) recreating all of the accounts and bringing it online. I understand I will lose all of my SID history and my users will experience a hiccup.

    My new plan is like this:

    Server 1: Domain Controller, SharePoint

    Server 2: No Change

    Server 3: MS Exchange 2007

    Server 4: Symantec BE

    I guess now I am second-guessing myself and wondering what most of you would do. Before you ask, no! There were no backups before I came along and I just convinced them they need one. Hence the fact that I am really paranoid about doing this now. I am really concerned about the Exchange portion: I can back up the information store, but will it restore in a "rebuilt domain" correctly?

    Thanks in advance for your comments.

  • #2
    Re: Starting over with AD using same domain name

    If it were me here's what I would do:

    1. Build a new DC while the old one is still online, then move all FSMO roles to the new DC and make it a GC. Install or migrate Sharepoint to this server although I would recommend putting Sharepoint on another server altogether.

    2. Build a new Exchange server while the old one is still online, then move all mailboxes, public folders, roles, etc. to this new server.

    3. Reconfigure the Blackberry server to point to the new Exchange server. You can do this without removing and re-adding all the Blackberry users. You should search the Blackberry knowledge base for the proper steps on doing this.

    4. After everything is working on the new servers then decommission the old DC and Exchange server.

    This will minimize your downtime, minimize the impact to the users, and ensure that you have working components before you take down the old ones. Think of this as a migration instead of a fresh install. If you must start from scratch there will be a lot of monkeying around with user accounts, permissions, mailboxes, downtime, etc., etc.


    • #3
      Re: Starting over with AD using same domain name

      I had a similar plan but I am worried about bringing over some of the corrupt stuff from the existing domain when the data replicates. If I can get away with it this way I am all for it. I think my chances of having the same problems with the new one will be pretty high, your thoughts?

      Thanks again.


      • #4
        Re: Starting over with AD using same domain name

        It depends on exactly what's corrupt in the current AD. If you have to start from scratch I think you're asking for a lot of pain, downtime, and the gnashing of teeth of all your users as they wait for things to start working. You might consider opening a support case with Microsoft at a cost of $245.00 US to diagnose and fix your AD issues before you go any further.
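
For the worry raised in #3 and the "depends on what's corrupt" answer in #4, one way to triage the old DC before adding a new one is to parse `dcdiag` output and separate failures that should hold the migration from ones that only need review. This is an added example, not part of any post in the thread; the server name `OLD-DC01`, the sample output and the list of blocking tests are assumptions.

```powershell
# Added example, not from the thread. $sample is CONSTRUCTED text in dcdiag's
# "<target> passed|failed test <name>" format; OLD-DC01 is a placeholder name.
# On the real DC use instead:  $lines = dcdiag /s:OLD-DC01
$sample = @'
Testing server: Default-First-Site-Name\OLD-DC01
   Starting test: Connectivity
      ......................... OLD-DC01 passed test Connectivity
   Starting test: Advertising
      ......................... OLD-DC01 passed test Advertising
   Starting test: KnowsOfRoleHolders
      ......................... OLD-DC01 passed test KnowsOfRoleHolders
   Starting test: RidManager
      ......................... OLD-DC01 failed test RidManager
   Starting test: systemlog
      ......................... OLD-DC01 failed test systemlog
'@
$lines = $sample -split "`r?`n"

# Assumed policy (adjust as needed): a failure in any of these tests means the
# directory itself is unhealthy, so fix it before promoting a second DC.
$blocking = 'Connectivity','Advertising','KnowsOfRoleHolders','RidManager','NetLogons','Replications'

function Get-DcdiagResult {
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        # Result lines look like: "..... <target> passed test <TestName>"
        if ($line -match '\.{5,}\s+(\S+)\s+(passed|failed)\s+test\s+(\S+)') {
            New-Object PSObject -Property @{
                Target = $Matches[1]
                Test   = $Matches[3]
                Passed = ($Matches[2] -eq 'passed')
            }
        }
    }
}

$results  = @(Get-DcdiagResult -Lines $lines)
$failed   = @($results | Where-Object { -not $_.Passed })
$stoppers = @($failed  | Where-Object { $blocking -contains $_.Test })

$results | Sort-Object Passed | Format-Table Target, Test, Passed -AutoSize | Out-String
if ($stoppers.Count -gt 0) {
    "HOLD: fix before adding a DC: " + (($stoppers | ForEach-Object { $_.Test }) -join ', ')
} elseif ($failed.Count -gt 0) {
    "REVIEW: non-blocking failures: " + (($failed | ForEach-Object { $_.Test }) -join ', ')
} else {
    "OK: all parsed tests passed"
}
```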


        • #5
          Re: Starting over with AD using same domain name

          I would like to point something out to "joeqwerty" on section two, building a new Exchange server.
          As an extra option to be on the safe side, you could also export all MBX to PST files using the free ExMerge tool from Microsoft. Then you don't have to worry about the old Exchange server.
          You just build a new server and create a new MBX per user (that is in case you had to go with the create-users-from-scratch option) and then import the PST data back into the fresh new MBX you just created.

          That is an option, but I would actually try "joeqwerty"'s option first, while also exporting the MBX just in case...

          Oh, P.S.: before you add a new DC to the domain as "joeqwerty" said in option 1,
          create a full backup of the old DC (System Partition & System State), so that if something happens and the directory is screwed you have a backup.
          For that backup, I would use the good old built-in NTBackup tool. I just restored a DC replica using NTBackup in a test lab and it works great, but you must restore both the System State and the System Partition (meaning drive C: in most cases); that is based on Microsoft TID KB263532,
          "How to perform a disaster recovery restoration of Active Directory on a computer with a different hardware configuration"
          Last edited by Akila; 13th May 2008, 19:11.


          • #6
            Re: Starting over with AD using same domain name

            I was going to suggest the exmerge option but thought it might be a lot of additional work, but as Akila said it is definitely one of your options.


            • #7
              Re: Starting over with AD using same domain name

              Folks, in E2K7 you can take a DB from one Exchange server and mount it as-is on another, so a cold backup of the E2K7 database should be sufficient. Moreover, ExMerge is no longer supported on E2K7 and you need to use Export-Mailbox from PowerShell to export the mailboxes to PSTs.
              Guy Teverovsky
              "Smith & Wesson - the original point and click interface"


              • #8
                Re: Starting over with AD using same domain name

                As for Blackberry, I can say that if you join a new Exchange server to the existing organization and move mailboxes with both servers running, Blackberry will automatically update the links displayed in the Blackberry Manager.

                I have done a 55 to 2k3 migration and all was good.

                Good luck on the decision, but I would support the options that allow the current servers to stay active, as it can be easier to try the easy options first... Failing this, worry about that when and if it happens, as you'll be on the same page as you started anyway, with 0 users on your back.