Hello everyone,  I'm looking for some peer feedback on part of a migration
plan.

We are currently an NT4 environment.  We've decided to go with W2k3 & AD
for our migration.  We're doing a parallel migration into a W2k3 Native
functional level forest.  This was specifically to give us easier roll-back
capability and to allow us to leave *most* of the "junk" behind.  The
unorthodox parts of the migration are as follows:

The AD forest will have an empty PFR (protected forest root) domain, and
all users and various other objects will go into a child domain.  The child
FQDN of the child domain will be logically named based on our
infrastructure standards, but the *netbios* name of the child domain will
be the same as our NT4 domain.  No, I'm not crazy...and it is possible.  The
DCs of the AD forest will each sit on a separate VLAN from the servers in
the NT4 domain.  This setup keeps netbios broadcast traffic separate.  This
also keeps the domains from seeing their respective twin.  Correspondingly
they aren't answering each other's requests for service.  Also since the
DCs are on separate VLANs from the NT4 domain, they are also on different
subnets.  Although the setup will be well documented, if someone were to
*accidentally* plug one of the AD DCs into the wrong port, it wouldn't
matter since the DC wouldn't be able to communicate with its IP on the
wrong subnet.

The reason the NetBIOS names are being kept the same is for ease of
migration, specifically application migration.  We have about 500 servers
and have a very large number of server-based applications running.  As with
many environments, we're sure that there are applications that have the
domain name hardcoded or manually entered and thus not easily changed.
This migration method would seem to allow us to get the best of all worlds.

The caveats that I've encountered thus far actually exist with 3rd party
migration applications.  Migration applications tend to see the migration
as being from Domain A to Domain A even when specifying particular domain
controllers.  If the respective migration tool would either ignore NetBIOS
names or only use DNS names, there would be no issue.

Has anyone else tried this before? Is this actually a common path?

Any constructive feedback would be appreciated.



Eric Jones, Senior SE
Intel Server Group
(W) 336.424.3084
(M) 336.457.2591
www.vfc.com

List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
