Q

How can I re-install AD but keep the old settings?

I currently have responsibility for a 60 workstation network with 2 Windows 2000 domain controllers. The current Active Directory installation is totally screwed up. What I want is a totally new active directory install. Unfortunately, I need the new domain to be named the same as the old domain. I'd also like to KEEP my existing user's settings (passwords can change).

What I could do is take my BDC, install Windows 2003 Server on it (with a new domain) and then migrate all clients AND user profiles to the new domain. Then go through this Windows 2003 domain renaming process. This will take too long for me to complete by myself in the time frame I have alotted, so I am looking for a better way.

Here's what I think might work and plan to test:
1. Create new Windows 2003 domain controller with same domain name (not attached to network).
2. Copy each user profile to a local user account (using user profile manager under 'my computer').
3. Take current Windows 2000 PDC and BDC off of the network.
4. Join the new domain with each workstation.
5. Copy the local user profile created in step 2 to the user's domain profile under the new domain.
6. Re-install the original PDC and BDC and join the new domain.
7. dcpromo the PDC and BDC back to positions of authority and demote the DC created in step 1.

Will this work? Is there a better way to do this, maybe using the Active Directory Migration tool, which I have never used?
The ADMT tool is useful, but you have eliminated that possibility by requiring that the domain be named the same. The solution that you have come up with should work. However, the user profiles will need to have the security permissions changed. Also, you will need to consider that if you have printers or file shares the security on those will need to be altered as well. When you create the new domain, despite the name being the same, the GUIDs/SIDs will all be different for all groups and users. Thus, permissions on all shared objects need to be adjusted.
This was first published in February 2004

Dig deeper on Microsoft Active Directory

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close