Interforest Migration with ADMT 3.2 - Part 1

Interforest Migration with ADMT 3.2 - Part 1

Scenario


In this case, I have a single forest domain (Contoso.com) that uses a Windows Server 2003 Domain Controller (DC2003) and in this domain, I have two user account (User1 & User2) and two computer account (WinXP & Win7).

I create a new single forest domain (Wiki.com) that uses a Windows Server 2008 R2 Domain Controller (DC2008R2), then I use ADMT 3.2 and migrate accounts to new forest.
  

Software Requirements


SQL Server 2005 SP4 Express Edition. you can download from here:

SQL Server 2005 SP4 Express Edition

Active Directory Migration Tool (ADMT) 3.2, you can download from here:

Active Directory Migration Tool version 3.2

Password Export Server (PES), you can download from here:

Password Export Server version 3.1 (x64)

Password Export Server version 3.1 (x86)

Review Contoso.com Users, Groups and Computer


Computer accounts:



User and Group accounts in Support Organization Unit:


 

Creating first domain in a new forest by installing DC 2008 R2

Now, we create first domain (Wiki.com) in new forest by installing first Windows Server 2008 R2 Domain Controller.

Before installing Domain Controller, set

static IP Address on Windows Server 2008 R2.





Start the Active Directory Domain Services Installation Wizard by clicking Start, typing Dcpromo in the Search box, and press Enter.





On the Active Directory Domain Services Installation Wizard page, select Use advanced mode installation, then click Next to continue.



On the
Operating System Compatibility page, read warning about the default security settings for Windows Server 2008 domain controllers and then click Next to continue.



On the
Choose a Deployment Configuration page, select Create a new domain in a new forest, then click Next to continue.



On the
Name the Forest Root Domain page, type the full DNS name for the first domain in new forest (in my case is Wiki.com), and then click Next to continue.





On the Domain NetBIOS Name page, set the NetBIOS name for domain (in my case is Wiki), and then click Next to continue.



On the
Set Forest Functional Level page, choose the functional level for the new Active Directory forest (in my case is Windows Server 2008 R2), then click Next to continue.





On the
Additional Domain Controller Options page, select DNS Server check box, and then click Next to continue.



The wizard attempts to register a delegation for the DNS server with an authoritative parent zone, click
Yes to continue.



On the
Location for Database, Log Files, and SYSVOL page, click Next to continue.



On the
Directory Services Restore Mode Administrator Password page, type and confirm the password, and then click Next to continue.



On the
Summary page, review the installation options, and then click Next to continue.



Select
Reboot on completion check box, when the wizard finishes configuring Active Directory, restarts the computer.



After restarting, press
CTRL + Alt + Del keys to logon on Domain Controller.



Type your
Administrator Password and press Enter.






Verifying, Configuring and testing DNS Server after installation




After logon, go to Network Connections, right clik on NIC, select Properties.



Select Internet Protocol Version 4 (TCP/IPv4), click Properties. Remove 127.0.0.1 from DNS Client (Preferred DNS server).



Set DNS server IP Address on DNS Client (in my case is 10.10.100.1) and then clik OK.



Select Internet Protocol Version 6 (TCP/IPv6), click Properties. Remove ::1 (::1 is 127.0.0.1) from DNS Client (Preferred DNS server).



Set IPv6 DNS Client on Obtain DNS server address automaticaly, then click OK.



We need create new Reverse Lookup Zones. Click Start, Administrative Tools, DNS and open DNS console. 



Right click on Reverse Lookup Zones, click New Zones.



On the Welcome to the New Zone Wizard page, click Next to continue.



On the Zone Type page, select Primary zone, then select Store the zone in Active Directory (available only if DNS server is a writeable domain controller) check box and then click Next to continue.



On the Active Directory Zone Replication Scope page, select To all DNS servers running on domain controllers in the this domain: Wiki.com, and the click Next to continue.



On the first Reverse Lookup Zone Name page, select IPv4 Reverse Lookup Zone, and then click Next to continue.



On the second Reverse Lookup Zone Name page, Type your Network ID (in my case is 10.10.100), then click Next to continue.



On the Dynamic Update page, select Allow only secure dynamic update (recommended for Active Directory), and then click Next to continue.



On the Completing the New Zone Wizard page, click Finish.






Now, select Start, right click on Command Prompt and click Run as administrator.






Run this commands:

ipconfig /flushdns
ipconfig /registerdns
net stop netlogon
net start netlogon




Now, run this command to check DNS server name resolution:

nslookup Wiki.com





Interforest Migration with ADMT 3.2 - Part 2


Interforest Migration with ADMT 3.2 - Part 3



Translated to Farsi



http://social.technet.microsoft.com/wiki/contents/articles/18195.forest-admt-3-2-fa-ir.aspx

Sort by: Published Date | Most Recent | Most Useful
Comments
  • Great Article with Snaps.

  • Thanks i.biswajith

Page 1 of 1 (2 items)