So, with yesterdays experience fresh in mind we were supposed to start migrating user/computer objects into the fresh domain.
The day started out with not getting the trust relationships in place between the old and the new domain...
After a lot of fiddling and debugging, it dawned on us. We had forgotten to designate a Global Catalog in the local site, and this was causing our domain server to go across the WAN link on every change in AD. I manually added the Global Catalog role to the local server, only to realize that there were replication errors in the forest. After about 1.5 hours we finally got a proper replication going.
We managed to get the trusts working, and started prepping for the ADMT process. This involved setting permissions in both domains for the trusted users. After loads of errors and migration tests we got it working. The domain computers (the ones running Windows 2000 and XP) were migrated, and so was the user accounts and groups. By the time we got this far, it was already so late that it was not likely that we would get the rest of the job done this weekend. So, yet again, the final migration is postponed.
We are now looking at finishing it next weekend, with some of the people involved working on copying files and other necessary services during next week. Hopefully next weekend will involve a few hours work on my part, and this whole process will be finished. Judging by the previous attempts on estimating how much time this would take, I'm not that hopefull that this will be the case in the end. Anyway, I think we will actually hit it on the nose this time, as the remainder of the job is purely file/permissions setting and enabling the new DHCP/WINS services. Also, this process will involve removing the old AD from one of the old servers, and promoting it again as a DC in the new Domain.
Time will tell ...
0 Comments so far