No announcement yet.

Two Forests and Renaming Q

  • Filter
  • Time
  • Show
Clear All
new posts

  • Two Forests and Renaming Q

    Hi good ppl of the Board,
    I'm a newbee here and I've got a question, which I hope you'll be able to help me with.
    The current AD structure: Forest with 3 domains in it, w2k native mode, exchange2000.
    The aim: to build a new forest with only one domain w2k3, exchange2003 and migrate everything into there, so that the old one could be decomissioned.
    The "tiny, but annoying" problem: we need to have this new domain - the same name as one of the old ones (don't ask me why - for "political" reasons *sigh).

    After heavy reading it doesn't look too bad, except from - naming issue.
    Plus also - some worrying note from MS - you can't migrate w2k DC into w2k3 Domain without upgrading them to w2k3! (is it really true?!)

    I wonder if any of you have done something similar or have any advices for me, please?
    PS actually, this problem only appeared, when we needed to install new w2k3 DC into existing Forest, which we reluctunt to do because of the obsolete design of that forest and us - being scared of "if anything will go wrong on forestprep, etc" - the schema master is "cleverly" our main applications server(!) and a 24/7 web-server - so - any live experiences with "what can go wrong" would be appreciated as well.

    many thanks in advance
    Experience is something you don't get until just after you need it

  • #2
    Are you planning to collapse everything to the root domain of the existing forest ?

    Few things to beware:
    - domain rename is NO-NO if you have Exchange deployed.
    - All current DCs have to be upgraded to W2K3 only if you are switching to W2K3 native mode (as opposed to W2K native)
    - If you add W2K3 DC to existing forest, the forest schema must be upgraded (this is actually what adprep /forestprep does)

    Could you be more specific about your DNS structure and corresponding domain names ?
    Guy Teverovsky
    "Smith & Wesson - the original point and click interface"


    • #3
      Thanks for responding, Guy.
      Well, since I've posted this, we reviewed our options and looks like we will go with the "simpliest" of them - i.e. - install W2K3 DC in our existing forest. (Deploying brand new forest in such a short term seemed a bit on a crazy side )
      So, I may revise my question now:

      we have 3 domains in one forest (all in native W2K mode):,, is - root domain with a schema; has Exchange2000, and this is domain, we would like to be left with in the end.
      We don't mind to leave root DOMAIN1 as unpopulated forest root, if this is nessesary, as long as all the resources will be transferred to DOMAIN3; so basically - yes - we'd like to collapse everything to the one domain of the existing forest.

      As I haven't yet got experience in migration, this is what I came up with after researching exercise:
      We run schema fix for Exchange2000 and Forestprep on DC in DOMAIN1;
      We run domainprep;
      We install new W2K3 DC into DOMAIN3 and transfer schema and Domain Naming roles to it
      We Install new Exchange 2003 in DOMAIN3 as a second exchange server and migrate everything from Exchange2000
      We Migrate all resources and users from DOMAIN1 and DOMAIN2 to DOMAIN3

      Still left to find out:
      If there are any hidden tricks for running Forestprep or is it pretty straighforward, providing all preparations being done properly?
      Can I run Domainprep ONLY on DOMAIN3, as the only domain, where W2K3 domain controllers are going to be?
      Can I just demote my existing W2K domain controllers in DOMAIN1 and DOMAIN2 to member servers and transfer them into DOMAIN3 rather then upgrading them as DC to W2K3 and making domain native?

      Apologies for long post and thanks in advance for any responses.
      Experience is something you don't get until just after you need it


      • #4
        It looks you have already figured out the simplest way to do it.

        Before running adprep /forestpred, you should study carefully the following KB:

        You will need to follow the:
        Scenario 2: Exchange 2000 Schema Changes Are Installed Before You Run the Windows Server 2003 adprep /forestprep Command

        After you have your schema fixed and ready to be extended to W2K3 version, check the following link:

        Things to remember:
        - schema is forest-wide and schema changed should be performed at the Schema master in the root domain.
        - emty root is really not a bad thing - it leaves you the flexibility of seperating forest administration from domain administration.
        - to please the management folks you can set the UPN suffix to whatever you want and implement the UPN logons with fancy usernames like [email protected]
        - if Exchange is deployed only in DOMAIN3, all you need is to move the user accounts to this domain and create new mailboxes for them (if you move an account from domain A to B in the same forest, if I'm not mistaken, the old SID is saved in SIDHistory attribute - but you will need to double-check that. There is a good chance of me being wrong here).

        BTW, any special reason for moving Schema and Domain Naming FSMOs to DOMAIN3 ? Persoanlly I like more the idea of keeping them in the empty root so that less people will be able to mess around with it, but it probably depends on your environment and administration model.
        I would also first upgrade the root domain to W2K3 instead of first upgrading DOMAIN3 (which is a tree in the existing forest, right ?)
        Guy Teverovsky
        "Smith & Wesson - the original point and click interface"


        • #5
          With HUGE thanks to Antid0t for all his help - just completed the upgrade and it was a success. have read a lot, have thought of any possible "goes wrong" and finally this plan worked for me:
          Religiously followed ALL the steps in this KB article:
          and in addition to it:
          checked all DC for SP4 installed (apparently, this seems to be enough for any fixes required for Schema upgrade)
          checked, that AD replication is OK (used replmon)
          run InetOrgPersonPrevent.ldf (for Exchange 2000 Schema Changes)
          took schema master off network for forestprep, but run domainprep on fully online infrustructure masters.
          manually forced replication after forestprep instead of waiting for it to replicate "natural" way
          Oh, and most important thing: have created recovery plan for possible failure - this was the most useful outcome, as we never had one before
          Also this link

          proved to be very useful - compulsory reading for anyone, who's going to upgrade AD for W2K3 domain controllers.
          Best of luck for everybody
          Happy Easter
          Experience is something you don't get until just after you need it