Manage Learn to apply best practices and optimize your operations.

Managing Windows Server 2003 Active Directory forests

Our company has three separate Windows Server 2003 forests spanned across three states. We recently implemented an MPLS VPN Tunnel linking the two remote sites to our corporate site. My ultimate goal is to manage this network as one forest and make both remote sites a child domain of the corporate site. I know this can be easily done by removing Active Directory from both sites and then joining them to corporate domain as a child, but that would still require recreation of user accounts and having to visit all machines to readd them to the new domain. I know there has to be an alternate method. Any input would be appreciated.
I would recommend that you take a look at the Active Directory Migration Tool, which is a free download available at: http://www.microsoft.com/downloads/details.aspx?FamilyID=788975b1-5849-4707-9817-8c9773c25c6c&DisplayLang=en.

This tool will allow you to restructure or consolidate Active Directory forests as you describe, including migrating...

computer accounts and user account passwords. There are also third-party tools from NetIQ and Quest.

This was last published in June 2005

Dig Deeper on Windows Server and Network Security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.