Agreed and Trusts are so not fun to setup if you have a very disjointed forest. Having one forest makes it almost simple to do things.
Jon On Wed, Sep 17, 2008 at 9:12 AM, Ken Schaefer <[EMAIL PROTECTED]> wrote: > Up to you whether you want to do that or not. Lots of orgs do it either > way. > > You can have corp.aspca.org for your internal root forest. > > Cheers > Ken > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, 17 September 2008 10:44 PM > > To: NT System Admin Issues > > Subject: Re: AD migration - how do I do this? > > > > Yup! I'd concluded that months ago. For all that, though, wouldn't it > be > > better if we went with something like "aspca.internal" (or .int, or > > .local, etc)? Just to keep the "private" domains separate from the > public > > "aspca.org"? > > -------------------------------------- > > Richard McClary, Systems Administrator > > ASPCA Knowledge Management > > 1717 S Philo Rd, Ste 36, Urbana, IL 61802 > > 217-337-9761 > > http://www.aspca.org > > > > > > "Jon Harris" <[EMAIL PROTECTED]> wrote on 09/17/2008 07:37:44 AM: > > > > > Sounds like ASPCA.org needs to create an empty root domain and then > > > add theirs to it then when you create > > > il.ASPCA.org<http://il.aspca.org/>it would go into > > > the root domain as well. > > > > > > Jon > > > > > On Wed, Sep 17, 2008 at 8:21 AM, <[EMAIL PROTECTED]> wrote: > > > Thanks! > > > > > > Although I often use terms which could be abreviated "SBS", I believe > > > you're referring to a specific product which we don't run. > > > > > > Last night, I realized our network would still end up being very ugly! > > > Their AD domain is "nyc.aspca.org". If we join as a child domain, > we'd > > be > > > stuck with "il.nyc.aspca.org". YUCK! > > > -------------------------------------- > > > Richard McClary, Systems Administrator > > > ASPCA Knowledge Management > > > 1717 S Philo Rd, Ste 36, Urbana, IL 61802 > > > 217-337-9761 > > > http://www.aspca.org > > > > > > > > wjh <[EMAIL PROTECTED]> wrote on 09/16/2008 04:17:26 PM: > > > > > > > Just to clarify...you can add an SBS to a subnet, you just can't do a > > > > trust. I have added an SBS to the same subnet of another network at > > two > > > > > > > clients without an repercussions. I just couldn't do a trust, so the > > > > migration was cumbersome. In both we were splitting a group of > > > > employees into a separate company. > > > > > > > > Michael B. Smith wrote: > > > > > As long as they aren't SBS. > > > > > > > > > > Regards, > > > > > > > > > > Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP > > > > > My blog: > > > > > http://TheEssentialExchange.com/blogs/michael<http://theessentialexchange.com/blogs/michael> > > > > > Link with me at: http://www.linkedin.com/in/theessentialexchange > > > > > > > > > > > > > > > -----Original Message----- > > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > > > > Sent: Tuesday, September 16, 2008 1:28 PM > > > > > To: NT System Admin Issues > > > > > Subject: RE: AD migration - how do I do this? > > > > > > > > > > But, can two separate AD domains exist in the same sub-net/zone? > > > > > -------------------------------------- > > > > > Richard McClary, Systems Administrator > > > > > ASPCA Knowledge Management > > > > > 1717 S Philo Rd, Ste 36, Urbana, IL 61802 > > > > > 217-337-9761 > > > > > http://www.aspca.org > > > > > > > > > > > > > > > "Don Guyer" <[EMAIL PROTECTED]> wrote on 09/16/2008 > 12:24:25 > > > PM: > > > > > > > > > > > > > > >> As far as DHCP goes, you will still be able dish out addresses to > > the > > > > >> other domain just fine. > > > > >> > > > > >> Don Guyer > > > > >> Systems Engineer > > > > >> Information Services Department > > > > >> Prudential Fox Roach/ Trident > > > > >> 431 W. Lancaster Avenue > > > > >> Devon, PA 19333 > > > > >> Ph: (610) 993-3299 > > > > >> Fax: (610) 650-5306 > > > > >> www.prufoxroach.com > > > > >> [EMAIL PROTECTED] > > > > >> > > > > >> > > > > >> -----Original Message----- > > > > >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > > > >> Sent: Tuesday, September 16, 2008 1:14 PM > > > > >> To: NT System Admin Issues > > > > >> Subject: AD migration - how do I do this? > > > > >> > > > > >> OK, no question! We must create a new domain which will be a > child > > > > >> domain > > > > >> of our NY office. We must then migrate all users and systems into > > > this > > > > >> new domain. > > > > >> > > > > >> Our current domain is Windows 2003 R2 native. DNS is fully > > > > >> AD-integrated. > > > > >> I realize that we can't just tell our existing domains (our > > current > > > > >> plus > > > > >> NY's current) to combine, and that renaming ours to resemble a > > child > > > > >> domain of the NY domain WILL NOT WORK. > > > > >> > > > > >> So, I set up this brand new Win2003 server, run DC Promo, and set > > it > > > up > > > > >> to > > > > >> be a controller in a child domain of the NY domain. > > > > >> > > > > >> Now, how the @#*& do I do DNS? (I figure I must disable our > > current > > > > >> DHCP > > > > >> scope.) I presume there is no way I can keep the current IP > > > addresses, > > > > >> right (that is, 10.1.2.x)? That would also affect our gateway, > > > network > > > > >> switch, firewall, and other network devices as well. > > > > >> > > > > >> Hey, if we have to pay out the wazoo for consultants, we have to, > > but > > > > >> thanks in advance for any other suggestions, advice, etc which can > > be > > > > >> offered. (No, a link to the CERN black hole web cam would not be > > > > >> considered a good suggestion, although timely.) > > > > >> -------------------------------------- > > > > >> Richard McClary, Systems Administrator > > > > >> ASPCA Knowledge Management > > > > >> 1717 S Philo Rd, Ste 36, Urbana, IL 61802 > > > > >> 217-337-9761 > > > > >> http://www.aspca.org > > > > >> > > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > > > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
