Changing from single label domain
Geir Holmavatn
We have a single label domain name with our win 2003 and 2000 servers. Now
I want to change this due to dns problems etc..
We don't have any public services from our servers and our web pages is
hosted by our ISP. Say that our publicdomain name is
'ourschool.region.edu', should we make our internal LAN domains as
subdomains of this public domain or what is normal in this case? Our
current domains are just single label domains like 'ourschool' and
'ourstudents'.
Thanks for suggestions and comments as of the names.
So the second issue. Can we somehow change the domain from single label to
the new name without two days work?? What is the best and safest method?
What would be needed to be done witth the client computers in this case?
Thanks for some light on these issues
regards
Geir
SIME via WinServerKB.com
These statements.....
"We don't have any public services from our servers "
and
"Say that our publicdomain name is 'ourschool.region.edu'"
Seem at odds with each other, is ourschool.region.edu a publicly registered
DNS name - if it is then you will more than likely want to use the child
namespace as your internal domain - such as internal.ourschool.region.edu or
ad.ourschool etc
If ourschool.region.edu is going to be the root of your AD domain MS suggest
registering it as a public DNS name anyway but if it wont provide any public
services EVER you could use it as your internal domain name
Regarding changing the domain name, I saw a article recently saying that if
your forest/domain are at 2k3 functional level you can change the
domain/forest name relatively easily - if not , and I guess yours arent if
you have 2K DC's then it will be more difficult - ie you will probably have
to create an entirely new DC with your new domain name and migrate everything
over to it then demote the DC's and re promote as member of the new domain
Regards
S
seem to be
--
Message posted via WinServerKB.com
http://www.winserverkb.com/Uwe/Forums.aspx/windows-server-dns/200512/1
Geir Holmavatn
news:58d2c062df060@uwe...
> These statements.....
> "We don't have any public services from our servers "
> and
> "Say that our publicdomain name is 'ourschool.region.edu'"
>
Hi 'S'
I wrote: "We don't have any public services from our servers and our web
pages are hosted by our ISP". What I meant to say was that the internet DNS
record for ourschool.region.edu is pointing at our ISP's http server(s) and
not to our local in-house servers. Sorry for expressing myself not clearly.
What I understand from your response is that it would be perfectly normal if
we named our two local domains like students.ourschool.region.edu and
teachers.ourschool.region.edu. Both are separate subnets with their own DCs
due to security regulations.
> Regarding changing the domain name, I saw a article recently saying that
if
> your forest/domain are at 2k3 functional level you can change the
> domain/forest name relatively easily - if not , and I guess yours arent if
> you have 2K DC's then it will be more difficult - ie you will probably
have
> to create an entirely new DC with your new domain name and migrate
everything
> over to it then demote the DC's and re promote as member of the new domain
Any clue where you found this article...?
regards
Tor
Kevin D. Goodknecht Sr. [MVP]
Until all DCs are upgraded to Win2k3 and the domain is raised to Windows
Server 2003 functional level you cannot rename the domain.
Your only options at this time are to upgrade all DCs then rename or build
two new domains on separate servers, then use ADMT to migrate the accounts
to the new domains. Either of these are further complicated if Exchange is
in the mix, but should be done to get out of the single-label domain
predicament.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
Ace Fekay [MVP]
Geir Holmavatn <news...@holmavatn.no> stated, which I commented on below:
> Any clue where you found this article...?
If a 2000 domain, follow what SIME and Kevin suggested as far as installing
a new domain and migrating objects over.
The article on how to rename a pure Windows 2003 domain in a forest that
both Forest and all the domains in the forest are set to Domain Functional
2003 Levels:
Windows Server 2003 Active Directory Domain Rename Tools including the
presentation and transcripts:
http://www.microsoft.com/windowsserver2003/downloads/domainrename.mspx
Here's a webcast on it too that I suggest to view prior to attempting it:
819145 - Support WebCast Microsoft Windows Server 2003 Implementing an
Active Directory Domain Rename Operation:
http://support.microsoft.com/default.aspx?scid=kb;en-us;819145&Product=winsvr2003
Also, if you have Exchange 2000 or 2003, or an Enterpise (AD) Certificate
Authority installed, it will further complicate it. View the transcript and
presentation to get a full view of what is involved.
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
If you are having difficulty in reading or finding responses to your post,
instead of the website you are using, I would suggest to use OEx (Outlook
Express or any other newsreader of your choosing), and configure a newsgroup
account, pointing to news.microsoft.com. This is a direct link into the
Microsoft Public Newsgroups, and it is FREE and DOES NOT require a Usenet
account with your ISP. With OEx , you can easily find your post and watch &
track threads, sort by date, poster's name, watched threads or subject.
Not sure how? It's easy and you'll enjoy it
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Assimilation Imminent. Resistance is Futile.
Infinite Diversities in Infinite Combinations.
=================================
Rod Janson
----- Original Message -----
From: "Geir Holmavatn" <news...@holmavatn.no>
Newsgroups: microsoft.public.windows.server.dns
Sent: Wednesday, December 14, 2005 3:00 PM
Subject: Re: Changing from single label domain
> "SIME via WinServerKB.com" <u11670@uwe> skrev i melding
> news:58d2c062df060@uwe...
> > These statements.....
> > "We don't have any public services from our servers "
> > and
> > "Say that our publicdomain name is 'ourschool.region.edu'"
> >
> > Seem at odds with each other, <snip>
>
> Hi 'S'
>
> I wrote: "We don't have any public services from our servers and our web
> pages are hosted by our ISP". What I meant to say was that the internet
> DNS record for ourschool.region.edu is pointing at our ISP's http
server(s)
> and not to our local in-house servers. Sorry for expressing myself not
> clearly enough.
If possible I'd just like to have a comment on whether it is normal or not
to have the internal domain name as a subdomain of the public domain even if
the public domain (name) is hosted by an ISP and has no direct link to our
internal network:
> What I understand from your response is that it would be perfectly normal
> if we named our two local domains like students.ourschool.region.edu
> and teachers.ourschool.region.edu. Both are separate subnets with their
> own DCs due to security regulations.
regards
Geir
Ace Fekay [MVP]
Rod Janson <rod...@janson.net> stated, which I commented on below:
> If possible I'd just like to have a comment on whether it is normal
> or not to have the internal domain name as a subdomain of the public
> domain even if the public domain (name) is hosted by an ISP and has
> no direct link to our internal network:
>
>> What I understand from your response is that it would be perfectly
>> normal if we named our two local domains like
>> students.ourschool.region.edu
>> and teachers.ourschool.region.edu. Both are separate subnets with
>> their own DCs due to security regulations.
>
> regards
>
> Geir
"Normal" is a relative term. What is normal to one can be bizarre to
another. :-)
As for a subdomain as the start of your AD namespace, that is just one
design concept. The start of your AD namespace can be corp.domain.com, where
domain.com is your external domain name, and corp.domain.com is your
internal namespace, and they have nothing to do with each other.
You can also choose the same domain name, which involves a little
administrative overhead to get to your external website and other external
resources, such as www, ftp, etc, and only really involves making those
resource names and providing their IPs. Another way is to delegate the www
record to the external SOA of the public zone.
You can also choose a completely separate name, such as domain.internal,
domain.corp, or domain.net (provided it;'s not used externally).
What you choose is based on what your directory services and security
requirement are in your infrastructure which of course are based on your
business model. I hope the following articles help out.
254680 - DNS Namespace Planning:
http://support.microsoft.com/default.aspx?scid=kb;en-us;254680
Download details Windows Server 2003 Active Directory Branch Office Guide:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9353A4F6-A8A8-40BB-9FA7-3A95C9540112&displaylang=en
Active Directory - (scroll down for the design section)
http://www.microsoft.com/activedirectory
Sample Active Directory Chart - TechRepublic:
http://techrepublic.com.com/5138-6240-728948.html
Ace