Options for fixing non-FQDN "single-label" Domain

[Guest]

Archived from groups: microsoft.public.win2000.dns (More info?)

Hello all. I just recently inherited control of a 2000 Domain with
700+ users that was apparently not designed very well. I have tracked
the root of most of my problems down to the fact that it has a
non-FQDN or "single-label" domain name ("company", NOT
"company.local" or "company.com"). I have been reading up on the
options for correcting such a scenario, but it’s hard to tell which
option is best. All I’m really concerned about is retaining my AD
data (users, accounts, profiles, etc.). And of course not having to
reinstall all my server apps would be nice too.

Is upgrading to server 2003 and using the "rename" option my best
bet? Is it safe? Would it be smart for me to bring up a peer DC to
"backup" my domain before beginning such a process? (We only have
one DC currently.) What other options do I have (if any) to get all
my AD data into a correctly named domain?

Thanks very much in advance,

Josh-

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/DNS-Options-fixing-FQDN-quot-single-label-quot-Domain-ftopict275672.html
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=873958

 

[Guest]

Archived from groups: microsoft.public.win2000.dns (More info?)

You didn't mention which documents you've been reading. I believe that the
archive on this NG has lots of information on correcting (or living with) a
single-labeled domain.

something like http://support.microsoft.com/kb/300684 may be helpful.

Upgrading to W2K3 and doing a rename is not really all that easy. It is
easier now, but easier is not the same as easy. Given the option between
migrating to a new domain and doing a rename, I'd vote for migration. You
could use something like ADMT to an entirely new domain where the name is as
you want it to be. ADMT will let you "retain" you
users/accounts/profiles/etc.

Now, the fact that you have only one DC should be of more concern to you
right now. Why, because if you lose that DC, you are in a HUGE pile of
unspeakables.

--

Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
"topkat2000" <UseLinkToEmail@WindowsForumz.com> wrote in message
news:423077a8$1_5@alt.athenanews.com...
> Hello all. I just recently inherited control of a 2000 Domain with
> 700+ users that was apparently not designed very well. I have tracked
> the root of most of my problems down to the fact that it has a
> non-FQDN or "single-label" domain name ("company", NOT
> "company.local" or "company.com"). I have been reading up on the
> options for correcting such a scenario, but it's hard to tell which
> option is best. All I'm really concerned about is retaining my AD
> data (users, accounts, profiles, etc.). And of course not having to
> reinstall all my server apps would be nice too.
>
> Is upgrading to server 2003 and using the "rename" option my best
> bet? Is it safe? Would it be smart for me to bring up a peer DC to
> "backup" my domain before beginning such a process? (We only have
> one DC currently.) What other options do I have (if any) to get all
> my AD data into a correctly named domain?
>
> Thanks very much in advance,
>
> Josh-
>
> --
> Posted using the http://www.windowsforumz.com interface, at author's
> request
> Articles individually checked for conformance to usenet standards
> Topic URL:
> http://www.windowsforumz.com/DNS-Options-fixing-FQDN-quot-single-label-quot-Domain-ftopict275672.html
> Visit Topic URL to contact author (reg. req'd). Report abuse:
> http://www.windowsforumz.com/eform.php?p=873958

 

[Guest]

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:423077a8$1_5@alt.athenanews.com,
topkat2000 <UseLinkToEmail@WindowsForumz.com> commented
Then Kevin replied below:
> Hello all. I just recently inherited control of a 2000
> Domain with
> 700+ users that was apparently not designed very well. I
> have tracked
> the root of most of my problems down to the fact that it
> has a
> non-FQDN or "single-label" domain name ("company", NOT
> "company.local" or "company.com"). I have been reading
> up on the
> options for correcting such a scenario, but it's hard to
> tell which
> option is best. All I'm really concerned about is
> retaining my AD
> data (users, accounts, profiles, etc.). And of course
> not having to
> reinstall all my server apps would be nice too.
>
> Is upgrading to server 2003 and using the "rename" option
> my best
> bet? Is it safe? Would it be smart for me to bring up a
> peer DC to
> "backup" my domain before beginning such a process? (We
> only have
> one DC currently.) What other options do I have (if
> any) to get all
> my AD data into a correctly named domain?

I agree with Deji, a single-label domain is bad, a single-label domain with
only one DC and 700+ users is a huge gamble.

Build a new domain on another machine, use ADMT to migrate all the accounts
and SIDs to the new domain, demote the single-label DC then re-promote it to
the new domain.
This way user accounts, profiles, your applications are all migrated to the
new domain. The only thing the users will notice different is the NetBIOS
domain name. The new domain will need to have a different NetBIOS name so
you can create the trust before using ADMT.


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

 

[Guest]

Archived from groups: microsoft.public.win2000.dns (More info?)

Deji Akomolafe wrote:
> You didn't mention which documents you've been reading. I believe
> that the archive on this NG has lots of information on correcting (or
> living with) a single-labeled domain.
>
> something like http://support.microsoft.com/kb/300684 may be helpful.
>
> Upgrading to W2K3 and doing a rename is not really all that easy. It
> is easier now, but easier is not the same as easy. Given the option
> between migrating to a new domain and doing a rename, I'd vote for
> migration. You could use something like ADMT to an entirely new
> domain where the name is as you want it to be. ADMT will let you
> "retain" you users/accounts/profiles/etc.
>
> Now, the fact that you have only one DC should be of more concern to
> you right now. Why, because if you lose that DC, you are in a HUGE
> pile of unspeakables.

Maybe, just maybe, if topkat's domain is still in mixed mode, he can opt to
put an NT4 BDC into the domain, demote the W2k DCs, promote the NT4 to a PDC
and upgrade that to W2k or W2k3 but this time correctly naming the domain.
THis will alleviate his losing his users and other objects.

But of course, if Exchange 2000 is involved here, we've got a problem. Even
though it's the same domain name, Exchange still uses Kerberos for
authentication, and that will be gone when the current DCs are dumped. When
creating a new AD domain (even if the same domain and user accounts), the
domain certificate created will be different and I *believe* Exchange will
dump on that. I think a reinstall of Exchange but not before using Exmerge
to pull out all the mailboxes, will work, and then pulling the mailboxes
back in. The Exchange server name will still be the same, so profiles will
not need to be changed.

But all of this is based on if the domain is still in MIXED MODE.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Paramount: What's up with taking Enterprise off the air??
Infitinite Diversities in Infinte Combinations.
=================================