20. juni 2001 - 15:13Der er
20 kommentarer og 1 løsning
Ændring af Domain-navn!!!
Hej eksperter Jeg har et problem..... Jeg har opbygget et netværk bestående af 8 Windows 2000 Servere med Active Directory. Domainnavnet satte jeg til domain.net. Nu er situationen således at efter implementering af Exchange 2000 oprettes mine brugeres mail med @domain.net istedet for domain.dk. Kan jeg ændre dette således at mit domain-navn hedder domain.dk??? /FinnRas
>>nanoq Det kan ikke lade sig gøre at installere serverne forfra, da der er MANGE gigabyte data på dem. Jeg har overvejet at fjerne alle fra domainet men vi bruger Active directory.....sååå det er heller ikke en løsning. Jeg forestiller mig at man måske skal rode i schema-databasen..... /FinnRas
nanoq har løsningen. Installer en ny domæne controller med domænenavn domain.dk! Brug værktøjer som ActiveDirectoryMigrationTool (ADMT.exe) for at migrere brugere etc. Geninstaller de andre Dc\'ere.
nanoq>> Hvad så med rettigheder på filerne - der vil vel komme en SID ændring på brugere når de migreres?? Der er tale om 180 GB data - det vil tage en krig at lave backup/restore. Selvfølgelig laves der daglig backup.....mmmeeenn :-)) Jeg vil under alle omstændigheder installere det nye domain - og så prøve skridt for skridt.
Det kan desværre ikke lade sig gøre at lave det via migration/oprettelse af nyt domain. Årsagen er at vores Exchange Server 2000 kører i Native mode, hvilket forhindre mig i at flytte brugernes mailbox over på en Exchange 5.5 server. Hva\' dælen skal man så gøre?? /FinnRas
Jeg ville ha\' oprettet en helt ny skov og lavet trust mellem den nye skov og den gamle og så stille og rolig trukket det hele over; med værktøj i Windows 2000 ResourceKit som - SubInACL, Movetree, Move USer og admt.exe. Så installerer du en ny Exchange 2000 server og migrerer post over til den nye!?
Hvad mener du med at der ikke komme en løsning? Du har fået en løsning og udover det fået beskrevet en fremgangnmåde på hvordan det skal gøres! Hvad mere ønsker du? Og udover det accepterer du dit eget svar uden at belønne dem som har bidraget til at gøre det klart for dig hvad løsningen er!
Det er MEGET forkert af dig at tage point igen bare fordi løsningen ikke passer dig.
Løsningen ER den der er nævnt.
Faktisk har vi i den forgangne weekend omdøbt vores domæne. Dette var fremgangsmåden:
- vi installerede en ny DC, med det nye domænenavn - vha. ADMT (Active Directory Migration Tool) flyttede vi alle brugerprofiler mv. til det nye AD. - vi havde lidt bøvl med printere, så de blev oprettet forfra. - Alle andre servere blev meldt ud af det gamle domæne, og ind i det nye. - Til sidst var vi rundt ved alle arbejdsstationer for at melde dem ind i det nye domæne.
Alt i alt tog det vel 20 timer for 4 mand at rette alt igennem for 8 servere og et par hundrede arbejdspladser.
Og det gik let og smertefrit.
Så igen... du har fået det korrekte svar, og burde derfor have accepteret.
Jeg beklager at I ikke er enige i pointdelingen!! Men efter min opfattelse er de fremkomne ikke løsninger men flytning af brugere fra et domain til et andet.... Jeg vil ikke ud i at skulle gøre dette, men ville ha\' en OMDØBNING af domainet. Jeg har hørt at det skulle kunne lade sig gøre via omveje \"schema\" eller lignende, derfor oprettelsen af dette spørgsmål.
Årsagen til at jeg bragte spørgsmålet op var IKKE at få af vide at det ikke kan lade sig gøre....det er da ikke et brugbart svar!!! Jeg VED at det kan lade sig gøre, derfor 250 point til vedkommende der kunne svare på det...ellers bad luck!! /FinnRas
Microsoft bringer den offecielle løsning, men som du sikker ved findes der alverdens smutveje i stort set alle Microsofts produkter som de ikke oplyser om. Derfor er det ret sikkert at Microsoft ikke oplyser om en disideret omdøbning!!! /FinnRas
Problemet med en \"omdøbning\" er, at domænenavnet jo langt fra kun er registreret et enkelt eller 2 steder. Hele AD er bygget op omkring dette domænenavn. Alle AD objecter har domænenavnet registreret. Dette er en af grundende til, en omdøbning ikke er mulig.
SUMMARY Although you can rename a Windows 2000 domain in some situations that are described in this article, Microsoft highly recommends that you decide on the Fully Qualified Domain Name (FQDN) for DNS before you actually create a new domain or before you upgrade the domain from Windows NT 4.0 to Windows 2000. After you create the domain, you cannot rename a Windows 2000 domain controller. Renaming the domain involves a considerable amount of work, and it is only possible in a scenario that meets the following conditions:
You have to keep the Windows 2000 domain in Mixed mode. After you change it to Native mode, you cannot return the domain to Mixed mode, thereby rendering renaming impossible. To determine the mode in which the domain is currently running, expand Active Directory Users and Computers, right-click the domain name, and then click Properties . The mode appears in the Domain operation mode dialog box.
For additional information about the different modes, click the article number below to view the article in the Microsoft Knowledge Base: Q186153 Modes Supported by Windows 2000 domain controllers Because the domain is in Mixed mode, it must also either have one or more existing Windows NT 4.0 backup domain controllers (BDCs), or computers that are available to use as Windows NT 4.0 BDCs.
Because you must demote all existing Windows 2000 domain controllers to member servers before you rename the domain controller, review the following information in terms of logistics: The renaming can only take place after you revert the domain back to Windows NT 4.0, and then during the upgrade to Windows 2000, after you have renamed it with the desired DNS (FQDN) name. The NetBIOS domain name remains the same.
If you have created one or more child domains, you have to revert the child domains back to Windows NT 4.0 first, and then revert the parent domain. Next, you rename the parent when you upgrade it to Windows 2000, and then you bring the child domain up again when you upgrade it to Windows 2000. The amount of time that this process requires depends on the number of Windows 2000 domain controllers that are in the domain, in addition to their physical location.
MORE INFORMATION If your scenario meets the conditions listed in the "Summary" section of this article, you can use the following steps to rename the Windows 2000 domain. These steps involve a single domain situation. If a child domain exists:
Complete the same steps to revert the domain back to Windows NT 4.0 on the child domain first, and then you stop after you complete step 6.
Complete steps 1 through 8 on the parent domain.
After you revert the parent domain back to Windows NT 4.0, and then upgrade it back to Windows 2000 with the desired name, you can complete the final upgrade steps to Windows 2000 on the former child domain, during which you make it a Windows 2000 child domain again.
To Rename a Windows 2000 Domain Create a backup of any and/or all domain controllers that may be involved in this process.
If there are no existing Windows NT 4.0 BDCs in the Windows 2000 domain, then you have to install one that is preferably running service pack 6 or 6a. If you want, you can install a second BDC and then physically remove it from the domain to serve as a backup for the domain information as it contains all of the domain user accounts, and the Security Accounts Manager (SAM) and security information.
Allow sufficient time for this BDC to acquire all domain security and SAM information. To force a full SAM/security database replication, run the following command on the BDC: net accounts /sync A record of the successful full replication events should be logged in the System log.
If there is only one Windows 2000 domain controller in the domain, leave the Windows NT 4.0 BDC connected to the network, and physically remove the Windows 2000 domain controller from the network. If you have only one Windows 2000 domain controller, you can perform step 6 now before you continue with the demotion of the Windows 2000 domain controller.
You must now demote all the Windows 2000 domain controllers to member servers by running the dcpromo command on the actual domain controller. To run this command, click Start , click Run , type dcpromo , and then click OK . If there are more than one Windows 2000 domain controller, run dcpromo on each of them to make each one a member server, until there is only one Windows 2000 domain controller remaining.
Now you can disconnect the Windows 2000 domain controller from the network, while leaving the Windows NT 4.0 BDC connected. Run dcpromo on this last domain controller, and be sure to choose the last domain controller in the domain option. When this completes, and the computer restarts, it will be a member server in a work group, which you can then rejoin to the domain if you want to. If you disconnected one Windows 2000 domain controller in step 4, then you simply run the dcpromo command on it as described in this step.
Note : To run dcpromo successfully, the network adapter must detect a network connection. Therefore, the Windows 2000 domain controller must be attached to an active hub or switch, even if there are no other connections to the hub or switch, and it is isolated from everything else which is desired.
Open Server Manager on the Windows NT 4.0 BDC and promote this computer to a primary domain controller (PDC). If a message appears stating that it cannot contact the PDC and asks if you want to continue, click Yes , and then complete the promotion. When this is complete and the server restarts, verify in Server Manager that the computer it is now described as the PDC.
Upgrade this Windows NT 4.0 PDC to Windows 2000. When the Windows 2000 upgrade is complete, the computer restarts to begin the Active Directory installation. During this process, enter the desired domain name.
If you have demoted other Windows 2000 domain controllers earlier, you can now promote them back to domain controllers by running dcpromo on them.
Synes godt om
Ny brugerNybegynder
Din løsning...
Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.