locked
Changing Domain of Forefront Client Security Server RRS feed

  • Question

  • Hello,

    We are going to be changing our internal domain name, and that of our client computers and servers.  I am wondering if just rerunning the Forefront Client Security Server wizard and repushing out the policies will be enough to get it working under the new domain?

    Thanks!
    Wednesday, March 18, 2009 9:39 PM

All replies

  •  I can honestly say I don't know.. I know it's something we have never tested with FCS.  It's been a long time since I studied the mechanics of a domain rename but if you are using the tools for it without rebuilding/migrating then your GPO's should stay in place and still be applicable.  The part that gets iffy is probably how MOM 2005 handles it as well as SQL for accounts that are granted permission with OLDDOMAINNAME\DAS account etc.  May run into some strangeness as well with the policies that do show up in FCS console where they may not detect that they are deployed properly but again not sure on this as it is something that has not been tested.
    CSS Security Support Engineer (FCS/MBSA/WUA/Incident Response) Check out my blog http://blogs.technet.com/kfalde
    Wednesday, March 18, 2009 10:36 PM
  •  Stop FCS serverr sevices change your domain name join FCS server with the new domain, make services accounts. and start the services again simple.

    • Proposed as answer by Salman Ali Saturday, March 21, 2009 2:06 PM
    Saturday, March 21, 2009 2:06 PM
  • Have you tried this? Did the clients work afterwards? MOM 2005 does not allow computer name changes or domain changes from what I can figure.
    Sunday, March 22, 2009 4:24 PM