Parent-Child Trust

Discussion in 'Server Migration' started by Chris Lane, Jul 30, 2004.

  1. Chris Lane

    Chris Lane Guest

    Hi everyone,

    Here's my issue. I have a parent child transitive trust
    relationship between 2 Windows 2000 domains, due to my
    predecessors not knowing how to correctly implement an
    upgrade. I have built a completely brand new Windows 2003
    domain and want to phase the implementation starting with
    just hte domain then moving to the Exchange 2003 roll out
    in a couple weeks. The problem is that the Exchange 5.5
    server is in the child domain. I want to break the parent
    child relationship and set up a normal peer to peer trust
    relationship in order to associate the new user names to
    the old 5.5 accounts. It gets even better. I cannot have
    the new domain and the parent on at the same time due to
    name space issues. This is for a small government agency
    who needs to have their name space remain in tact. So you
    see my dilemma.

    I have tried dcpromo to remove the parent domain
    controller on a long shot; thinking that I could then just
    use ntdsutil to clean up the AD and that might break the
    trust.

    Any help is greatly appreciated.

    Thanks,

    Chris
     
    Chris Lane, Jul 30, 2004
    #1
    1. Advertisements

  2. Chris,

    My usggestion is that you create teh 2003 domain witha different name adn
    then utilize the rendom utility after the mgiration is complete. THis will
    result in a brief namespace change, but, I don't know fo another way.

    ADMT all you rprincipals to the new domain.
    Setup an Exchange ADC agreement between the 55 box and the new domain and
    then instlal Exchange 2003 in the new domain, joining it to the existing 5.5
    organization.
    ADMT your computers over to the new domain
    Move mailbox all your mailboxes, replicate teh PFs.
    Decommission the old domain
    Rendom the new one to the proper namespace.

    --
    --
    Brian Desmond
    Windows Server MVP
    12.il.us

    Http://www.briandesmond.com
     
    Brian Desmond [MVP], Jul 31, 2004
    #2
    1. Advertisements

  3. Hi Chris,

    Thanks for your posting here and thanks for Brian's suggestion.

    Do you mean that you create the new Windows 2003 domain with the same name
    with the original root domain?

    If so, you can also upgrade the original root domain to Windows 2003
    domain, then add the new Windows 2003 computer to the domain as a DC.

    How to upgrade Windows 2000 domain controllers to Windows Server 2003
    http://support.microsoft.com/?kbid=325379

    Then use Exmerge to export the mailbox.

    Microsoft Exchange Mailbox Merge Program (Exmerge.exe) Information
    - http://support.microsoft.com/?id=174197

    Then perform intraforest migration to migrate users from child domain to
    the root domain.

    Please refer to the Chapter 11: Intraforest Migration of Domain Migration
    Cookbook:
    http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/cookbook
    /cookch11.mspx

    More references:

    Restructuring Active Directory Domains Within a Forest
    http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deploy
    guide/en-us/dssbh_rera_overview.asp

    At last, install Exchange 2003 server on the Windows 2003 DC in the root
    domain, and import the mailboxes.

    Please refer to "Exchange Server 2003 Deployment Guide"

    http://www.microsoft.com/downloads/details.aspx?familyid=77b6d819-c7b3-42d1-
    8fbb-fe6339ffa1ed&displaylang=en

    If you have any further concern about exchange migration, I would like to
    suggest that you submit a new post in our Exchange news groups:

    microsoft.public.exchange.admin
    microsoft.public.exchange

    You will get more specific and detailed suggestions there.

    Have a nice day!

    Regards,
    Bob Qin
    Product Support Services
    Microsoft Corporation

    Get Secure! - www.microsoft.com/security

    ====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    ====================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Bob Qin [MSFT], Aug 2, 2004
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.