migration planning, need suggestions/advice

Discussion in 'Active Directory' started by Phillip Drummond, Sep 26, 2007.

  1. getting down to the wire now so i need to make final decisions...
    currently have 3 forests, each with 1 domain. 1 domain has an exchange org.
    need to consolidate all of this into a new forest with a new exchange org.

    the new forest will be a simple one with only a secure root domain, and an
    HQ child domain.
    so the users and machines from the current 3 domains will be moved into the
    HQ domain.

    does everyone recommend ADMT?
    if so what gotchas can i expect?
    can ADMT handle this job easily?
    how will existing mailboxes be handled?
    is there true domain synchronization?
    when its over is the new domain a mess that needs tons of cleanup?

    i have done several very large migrations but have always used Quest tools.
    i am not familiar with ADMT.
    if someone with experience could give me a VERY high level step by step as
    to what order i should do things in,
    based on your experience, i would greatly appreciate it.

    thank you
     
    Phillip Drummond, Sep 26, 2007
    #1
    1. Advertisements

  2. Phillip Drummond

    Jorge Silva Guest

    Hi
    Check inline:
    Secure root Domain? what is that?
    Doesn't sound a good option to have a child domain with that description.
    ADMT is good and easy to implement.
    The best is to test it, but most situations everything goes well.
    You don't mentioned anything about exchange in the second forest, but you
    can use the exchange migration tool to migrate the mailboxes to the other
    fores and then connect the mailboxes to the user accounts. You can get more
    detail about this in MS sweb site or in Exchange ngs.
    No. Is an object migration.
    You only migrate what you want to, so you shouldn't need to clean nothing
    after migration.
    Download the White paper ADMT and test it on a lab..
    everything is in MS web site and how to use that tool.


    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MCSE, MVP Directory Services
     
    Jorge Silva, Sep 26, 2007
    #2
    1. Advertisements

  3. thank you. yes, the root domain will exist solely to hold child domains.
    there will be no users or computers in the root domain.

    does ADMT include the exchange migration piece or is this a separate tool?
    the new forest will have a new exchange org
     
    Phillip Drummond, Sep 26, 2007
    #3
  4. Phillip Drummond

    Jorge Silva Guest

    thank you. yes, the root domain will exist solely to hold child domains.
    In my opinion this is a bad design, and all it does "according with your
    needs" is a waste of resources, hardware and people.
    Is a separate tool, comes with exchange.

    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MCSE, MVP Directory Services
     
    Jorge Silva, Sep 26, 2007
    #4
  5. the root/child design allows for growth and delagation of rights at the
    domain level. its actually a microsoft recommended design for the type of
    growth we expect
     
    Phillip Drummond, Sep 26, 2007
    #5
  6. with ADMT in my configuration, will i have to do migrate one domain at a
    time to the target domain? or can i do multiple? if only one, how do you
    recommend i go about this so that there are no permission problems while one
    domain is migrated and others are not?
     
    Phillip Drummond, Sep 26, 2007
    #6
  7. Phillip Drummond

    Jorge Silva Guest

    Inline:
    I don't see the need. You can do delegation at the top root domain, you
    don't gain anything by having child domains to do that. Remember Domains are
    not Security Boundaries, only Forests are.
    http://www.microsoft.com/downloads/...7B-533A-466D-A8E8-AFF85AD3D212&displaylang=en
    http://www.microsoft.com/downloads/...70-3BBB-4B9E-A8BC-01E9F7EF7342&displaylang=en


    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MCSE, MVP Directory Services
     
    Jorge Silva, Sep 26, 2007
    #7
  8. the design aloows for true separation during mergers and acquisitions...
    most companies, when bought out dont want to become an OU in someone elses
    domain. so this allows us to create child domains for them, and allow them
    to simply control their own domain without having to granularly delagate
    rights at the ou level... make sense?

    how does ADMT handle mailboxes? or doesnt it? in other words when i migrate
    a user will their mailbox be created in the new domain or will i have to
    either manually create a mailbox for every user, or use exchange mnigration
    tools after the user is migrated?
     
    Phillip Drummond, Sep 27, 2007
    #8
  9. Phillip Drummond

    kj [SBS MVP] Guest

    The forest empty root domain faded from popularity when the true AD security
    boundary (forest) was understood. Many "recommendations" remain in MS KB's
    that are really obsolete. If you have a TAM, you could be eligible for a
    free MCS AD design review which would well be worth your while. You have
    alternative choices for your design objectives.
    ADMT doesn't migrate anything Exchange. You will need to use Exchange
    migration tools, Exchange version dependant.
     
    kj [SBS MVP], Sep 27, 2007
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.