How to move an Active Directory from Server 2008 to a new server 2008 in a different network

active-directorywindows-server-2008

I want to move my old hosting setup (multiple servers in a domain) to a new more robust environment.

what is the best way to move my existing domain controller (Windows Server 2008 Standard SP1) to the new server (Windows Server 2008 R2)?

The 2 environments can't talk to each other.

Best Answer

You can move the user accounts using a numnber of import and export tools ( see Step-by-Step Guide to Bulk Import and Export to Active Directory, Import or export directory objects using csvde, and Using LDIFDE to export users from Active Directory )

That being said I would probably combine full import with creating new by creating a new AD forest and import the users only after adding the computers to the new domain. You will have to re-permission. Depending on the number of accounts and servers ignoring the old domain and rebuilding might be simpler.

Another approach I've used is to use a temporary server. In a nutshell:

add the new server to the existing old domain as a DC and replicate
verify successful replication and shut down the server
create a new forest
spin up the "old" DC, sieze the roles and verify IP connectivity to the new DCs
create a cross forest trust and follows the steps required to migrate the interforest accounts using the ADMT. See ADMT Guide: Migrating and Restructuring Active Directory Domains

Best Answer

Related Solutions

Security – Securing Active Directory domains on a potentially hostile network

Active Directory Migration – Moving from Windows Server 2003 to 2008

Related Topic