
We're running Exchange 2010 on a Windows 2000 functional level domain (with 2003 DCs) and we're getting ready to upgrade our domain to 2008 R2. Rather than upgrade the existing domain (with all of its orphaned accounts and bad data) we have decided to create a new domain from scratch and gradually migrate over to it using domain trusts as a stopgap.

The email address domain isn't changing... @somecompany.com, but the realm is going from abc.def.ghi.net to ijk.local.

Moving users and computers to the new domain is easy; it's getting them access to their respective Exchange accounts during the migration and the eventual final move of Exchange from the old to new domain that has me stumped. Anyone done something like this before?

Derrick
  • Never use anything `.local` as your AD domain name. – Michael Hampton Jan 27 '13 at 20:38
  • That sounds like a lot of work for what may be a very simple (but overstated) problem. As far as the orphaned accounts are concerned, why not just remove them? As for the "bad data", what bad data could exist in AD that would be resolved by creating a new forest and domain? – joeqwerty Jan 27 '13 at 20:45
  • @joeqwerty The domain has been neglected for about 10 years. In addition to the typical phantom DCs, DNS servers, 1000+ abandoned user and computer objects, which yes- could be manually corrected- the domain was first created as a subdomain of our hosting facility. We are eventually going to leave our current hosting situation and want to establish our own domain and then do a trust back to theirs, how it should have been done in the first place. Hence the need to move. – Derrick Jan 28 '13 at 18:13
  • I'm intrigued @MichaelHampton, why never use .local? – Rhys Evans Jan 29 '13 at 23:06
  • See [What should I name my Active Directory?](http://serverfault.com/a/473530/126632) – Michael Hampton Jan 29 '13 at 23:15

2 Answers


I haven't set this up personally yet, but if you're performing a phased migration from one Exchange organization to another with a shared address space, you can use a technique called split domain routing.

Here are a couple of links that might help:

Migrating everybody's mailboxes as PSTs in one shot is definitely the preferred way to go (unless you can keep the same AD domain, moving mailboxes inside of one organization is a breeze), but if you can't do that, the above will allow you to be more gradual about it. Just understand that it requires a lot more hands-on work and management.

Jeremy Lyons

If you're going down the route of creating a cross-forest trust and then using the ADMT tools to migrate user objects etc., you might be able to get away with moving the mailboxes using the Exchange Console/Shell to move the mailboxes across - see Exchange Cross-Forest Migration.

If that fails, you can use the Exchange shell and export all the mailboxes as PSTs and then import them into the newly installed Exchange - see Import/Export Exchange Mailboxes.

I've done a couple of these, haven't really found a proper way to do this other than using group policy very well to re-map drives and configure Outlook etc. and telling the users I've migrated to log on to domain Y instead of domain X.

Rhys Evans
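
The PST export and import route mentioned in the answer above, sketched as an added example that is not part of the original post. It assumes Exchange 2010 SP1 or later (where the export and import request cmdlets exist); the share `\\fileserver\pst$` and the account `OLDDOMAIN\migration-admin` are placeholders, and mailboxes with matching aliases are assumed to already exist in the new organization.

```powershell
# Added example, not from the thread. Placeholders are marked as such.
$share = '\\fileserver\pst$'            # placeholder UNC share; grant read/write to
                                        # "Exchange Trusted Subsystem" and the migration admin only
$admin = 'OLDDOMAIN\migration-admin'    # placeholder account

# --- Phase 1: Exchange Management Shell in the OLD organization ---

# The export/import cmdlets are not available to anyone by default; the
# "Mailbox Import Export" role must be assigned explicitly.
# Open a new shell session after this so the cmdlets are loaded.
New-ManagementRoleAssignment -Role 'Mailbox Import Export' -User $admin

# Queue one export per mailbox, named by alias so the import can match files to users.
Get-Mailbox -ResultSize Unlimited | ForEach-Object {
    New-MailboxExportRequest -Mailbox $_.Identity -FilePath "$share\$($_.Alias).pst"
}

# Check for failed exports before anything on the source side is decommissioned.
Get-MailboxExportRequest -Status Failed |
    Get-MailboxExportRequestStatistics |
    Format-List

# The role grants read access to every mailbox's content, so remove it once exports finish.
Get-ManagementRoleAssignment -Role 'Mailbox Import Export' -RoleAssignee $admin |
    Remove-ManagementRoleAssignment -Confirm:$false

# --- Phase 2: Exchange Management Shell in the NEW organization ---
# (assign the same role to the migration admin there first, then remove it afterwards)

# Import each PST into the mailbox whose alias matches the file name.
Get-ChildItem -Path "$share\*.pst" | ForEach-Object {
    New-MailboxImportRequest -Mailbox $_.BaseName -FilePath $_.FullName
}

# Confirm imports completed before deleting the PST files.
Get-MailboxImportRequest -Status Failed |
    Get-MailboxImportRequestStatistics |
    Format-List
```

The PST files are unencrypted copies of every user's mail, so the share should be locked down for the duration and the files deleted once the imports are verified.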