Logo
programming4us
programming4us
programming4us
programming4us
Home
programming4us
XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
Windows Server

Microsoft Exchange Server 2007 : Upgrading Separate AD Forests to a Single Forest Using Mixed-Mode Domain Redirect (part 1)

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
3/16/2014 1:50:30 AM
Active Directory domains that are running in Windows 2000 Mixed mode can be joined into a separate forest without the need for domain migration tools or workstation reboots. To accomplish this, however, you must run a previously unknown process known as Mixed-Mode Domain Redirect on the environment.

Mixed-Mode Domain Redirect is useful in situations in which branch offices have deployed their own separate Active Directory forests, and the need later surfaces to join these disparate forests into a single, common forest. It is also useful in corporate acquisitions and mergers, where separate forests are suddenly required to merge into a single, unified directory.

1. Prerequisites and Limitations of the Mixed-Mode Domain Redirect Procedure

The first prerequisite for Mixed-Mode Domain Redirect is that each Active Directory domain in a forest must be running in Windows 2000 Mixed mode. If an organization needs to merge forests but has already gone to Windows 2000 Native mode, other procedures such as using the Active Directory Migration Tool or synchronizing directories must be utilized instead.

A big caveat and limitation to this approach is that Windows 2000/XP/2003 clients might already view the domain as an Active Directory domain, requiring themselves to be rejoined to the domain or have their machine/domain password relationship reset using the netdom utility after the operation is complete. Unfortunately, there is no way around this as these client machines eventually discover that their NT domain has become an AD domain, and adjust themselves accordingly. Postoperation, it becomes necessary to identify these machines and rejoin them to the new domain structure. This caveat does not hold true for Windows NT 4.0 clients, however.

In addition, this procedure also requires several reboots of existing domain controller servers and is, therefore, best performed on a weekend or over a holiday.

2. Mixed-Mode Domain Redirect Procedure

The concept behind Mixed-Mode Domain Redirect is simple: Take an existing Active Directory domain, downgrade it to a Windows NT 4.0 domain, and upgrade it back into a different environment, as illustrated in Figure 1.

Figure 1. The Mixed-Mode Domain Redirect procedure.


The example in the diagrams and in the following sections is based on a fictional scenario. You can modify this scenario, however, to include any environment that satisfies the prerequisites outlined previously.

In this scenario, CompanyXYZ has been acquired by CompanyABC, and the need has arisen to merge the CompanyXYZ Windows 2000 forest with the CompanyABC Windows Server 2003 forest. Because the CompanyXYZ domain is running in Windows 2000 Mixed mode, the staff determined that using the Mixed-Mode Domain Redirect procedure would be the most straightforward approach, and there would be no need to change any client settings.

Establishing a Temporary Windows 2000 Domain Controller

The first step in the Mixed-Mode Domain Redirect process is identifying two temporary servers that will be needed in the migration. These servers do not necessarily need to be very fast servers because they will be used only for temporary storage of domain information.

The first temporary server should be set up as a Windows 2000 domain controller in the current Active Directory domain. After the operating system is loaded (Windows 2000 Server or Advanced Server), you can run the dcpromo command to make it a domain controller in the current domain, per the standard Windows 2000 domain controller upgrade procedure. In addition, this domain controller does not need to be made into a global catalog server.

In the merger scenario, the temporary server SFDCTEMP01 is built with Windows 2000 and Service Pack 3 and added to the companyxyz.com Windows 2000 domain, where it becomes a domain controller, as illustrated in Figure 2. The current domain controllers—SFDC01, SFDC02, LADC01, and SDDC01—are illustrated as well. These four domain controllers will be migrated to the new environment.

Figure 2. Establishing a temporary domain controller.


Moving Operations Master Roles and Demoting Existing Domain Controllers

After the new server is introduced to an environment, the five OM roles must be moved from their existing locations and onto the temporary server. This can be done by using the ntdsutil utility.

In the merger example, the Schema Master and Domain Naming Master OM roles were moved from SFDC01 to SFDCTEMP01, and the OM roles of PDC Emulator, RID Master, and Infrastructure Master were moved from SFDC02 to SFDCTEMP01.

Demoting Production Domain Controllers

Because the old Active Directory forest will be retired, you need to run dcpromo on the remaining domain controller servers and demote them from domain controller duties. This effectively makes them member servers in the domain and leaves the only functional domain controller as the temporary server built in the preceding section.

In the merger example, as illustrated in Figure 3, SFDC01, SFDC02, LADC01, and SDDC01 are all demoted to member servers, and only SFDCTEMP01 remains as a domain controller.

Figure 3. Demoting production domain controllers.



Other -----------------
- Windows Server 2012 : Provisioning and managing shared storage (part 7) - Managing shared storage - Managing volumes, Managing shares
- Windows Server 2012 : Provisioning and managing shared storage (part 6) - Managing shared storage
- Windows Server 2012 : Provisioning and managing shared storage (part 5) - Provisioning SMB shares - Creating general-purpose SMB shares
- Windows Server 2012 : Provisioning and managing shared storage (part 4) - Provisioning SMB shares - Configuration options for SMB shares, Types of SMB shares
- Windows Server 2012 : Provisioning and managing shared storage (part 3) - Provisioning shared storage - Creating volumes
- Windows Server 2012 : Provisioning and managing shared storage (part 2) - Provisioning shared storage - Creating virtual disks
- Windows Server 2012 : Provisioning and managing shared storage (part 1) - Provisioning shared storage - Creating a storage pool
- Microsoft Exchange Server 2010 : Completing Transport Server Setup (part 8) - Configuring Transport Rules
- Microsoft Exchange Server 2010 : Completing Transport Server Setup (part 7) - Configuring Journal Rules
- Microsoft Exchange Server 2010 : Completing Transport Server Setup (part 6) - Verifying Edge Subscriptions, Removing Edge Subscriptions
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
 
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server