Advice on Prune and Graft child Domain

  • 229 Views
  • Last Post 28 March 2016
Rajeev Chauhan posted this 25 March 2016

Need Advice 
We have empty root (.local)and two child domain
Empty root.local|---Abc.com|      |      |--- xyz.com
we need to migrate xyz.com to its own forest keeping name same name  xyz.com 
Any advice

Order By: Standard | Newest | Votes
g4ugm posted this 25 March 2016

Basically you can't prune and graft domains. Many folks assume you can but for a start the forest FSMO roles live in the Root domain and can't be recreated in a child.

For me this was a big  reason for only having one domain. 

I think your best bet is to migrate to a new domain with a different name and then add the old UPNs back...

Sorry


Dave

show

barkills posted this 25 March 2016

Yep. Double domain migration. I did one for a customer here at our university several years back over a weekend. They were in a shared forest we were decommissioning

(which relates to Jorge’s thread).

 

show

Rajeev Chauhan posted this 25 March 2016

Agreed 
Wanted to avoid the disjoint namespace.  Not worried on SID history.  Can we use non windows dns to create new forest and then migrated. We can integrate dns latter.


show

bdesmond posted this 25 March 2016

You’re not going to be able to create a trust with the same namespace on both sides…

 

I suppose if you don’t put Exchange in the new forest you could do a domain rename when you’re done although that’s not really something I’d want to take on

voluntarily.  

 

Thanks,

Brian Desmond

 

w – 312.625.1438 | c – 312.731.3132

 

show

g4ugm posted this 25 March 2016

Not sure what non-windows DNS servers buys you. If you are building with reasonably modern windows you can have conditional forwarding.

show

ZJORZ posted this 28 March 2016

With regards to the fqdns and the one you want to keep... Are you talking about AD domain FQDNs or SMTP FQDNs? (Or something else)
Met vriendelijke groet / Kind regards,
Jorge de Almeida Pinto
E-Mail: JorgeDeAlmeidaPinto@xxxxxxxxxxxxxxxx
Tel.: +31-(0)6-26.26.62.80
(+++Sent from my mobile device +++)
(Apologies for any typos)


show

ZJORZ posted this 28 March 2016

The forest FSMO roles by default live in the forest root domain, and these should live there. However, you can transfer/seize the forest FSMO roles to any DC in the AD forest if you really want to. So, although you can it does not mean you should.
Met vriendelijke groet / Kind regards,
Jorge de Almeida Pinto
E-Mail: JorgeDeAlmeidaPinto@xxxxxxxxxxxxxxxx
Tel.: +31-(0)6-26.26.62.80
(+++Sent from my mobile device +++)
(Apologies for any typos)

Rajeev Chauhan posted this 28 March 2016

Jorge 
Agreed.  AD domain is FQDN. We have a empty root with .LOCAL and then we have FQDN domain.  
We may have to do double migration as Brian A and Dave W suggested. Agreed with Brain D . Not keen on using Domain Rename.  
Thanks All 

show

Close