I just started today so what I got was- they have connectivity to the child dns server but they cut off connectivity to anything in the root domain. the firewall is blocking all root traffic. this has been like this for a week. nothing is replicating to the root and there is no access to the _msdc forest zone.
The forest is win2k native with an empty root and 1 child domain in a seperate tree. they have DA access in the child domain but no DA/EA access in the root. all the exchange servers(about 10) are in the child domain. the only recipent policy in the root is the default one and the enterprise RUS. They want to migrate the child domain and all the resources to a new forest where we have full control of everything. i assume we do not need connectivity to the _msdc forest dns zone to create a trust with the old child domain to migrate everything over(or anything in the root dns zone). I'm not 2nd guessing the Quest guys, this is only for my own education. Thanks a lot On 8/8/05, Medeiros, Jose <[EMAIL PROTECTED]> wrote: > I am sure Quest's consultant's knows what they are doing. Didn't you have > them put a quote and migration plan together prior to the actual migration? > Or are you asking these questions because you are second guessing them? Or is > this just for your own knowledge? > > My understanding is that both domain names have to be different when using > ADMT to migrate from a Source Domain to a Target Domain, unless Quest has a > tool that over comes this that I am not aware of. Are you trying to keep the > same domain name as the source? Microsoft also has a free tool that will > allow you to rename the traget 2003 AD domain as after you have completed > your migration and decommissioned old DC's. > > Jose > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Almeida Pinto, > Jorge de > Sent: Monday, August 08, 2005 2:46 PM > To: ActiveDir@mail.activedir.org; activedirectory > Subject: RE: [ActiveDir] AD migration > > > What do you mean with "In fact, they are cut off from the root domain > pyhsically. "? Do you mean as in there is not replication between the two > domains? If yes... dare I ask for how long? > > As I know of you can migrate the child domain without the root being > available because you will be having a trust between the new domain and the > child domain > > I still don't understand what you mean... They are cut off from the root and > the DNS is avlable in the root. I must be missing something. Can you explain > a bit more? > > Jorge > > ________________________________ > > From: [EMAIL PROTECTED] on behalf of Tom Kern > Sent: Mon 8/8/2005 11:08 PM > To: activedirectory > Subject: [ActiveDir] AD migration > > > > I just started working for a company. they used to outsource their > AD/Exchange but now they're trying to get it back. > > Its a 2 tree, 2 domain forest. the root domain is empty. > this company only has DA access on the child domain. No EA access. In > fact, they are cut off from the root domain pyhsically. > > What they want to do is create a new forest and migrate all > users,exchange,computers,etc to the new forest and be done with the > old. > They are going to use Quest sw and a consultant from Quest for this. > > My question is- can this be done without any connectivity to the root? > both dns zones are in the root so they really don't have any dns > locally as well(needless to say, you cam imagine what the rep logs > look like). I'm sure this complicates matters. > however, the Quest people seem to think this can still work. > can it? > > also, can the new forest have the same domain names as the old one? > > Thanks(I'm the guy who posted about his new job jitters about a week > or 2 ago, and here i am. Their AD is more messed up than I thought :) > ) > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > This e-mail and any attachment is for authorised use by the intended > recipient(s) only. It may contain proprietary material, confidential > information and/or be subject to legal privilege. It should not be copied, > disclosed to, retained or used by, any other party. If you are not an > intended recipient then please promptly delete this e-mail and any attachment > and all copies and inform the sender. Thank you. > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
