Presentation is loading. Please wait.

Presentation is loading. Please wait.

VPRC Domain Migration Migrating resources from the VPRC domain to the ASURITE domain.

Published byHollie Foster Modified over 8 years ago

Similar presentations

Presentation on theme: "VPRC Domain Migration Migrating resources from the VPRC domain to the ASURITE domain."— Presentation transcript:

1 VPRC Domain Migration Migrating resources from the VPRC domain to the ASURITE domain.

2 Initial Plan  VPRC Domain: Windows NT 4.0 multi-master domain with a PDC (a), resource servers (b), computer accounts (c), and user accounts (d). (VPRC.ASU.EDU)  Trust Relationship: Explicit one-way trust established to allow the ASURITE domain to access resources in the VPRC domain.  ASURITE Domain: Windows 2000 domain running in Native Mode. (ASURITE.AD.ASU.EDU) All ASURITE user accounts reside in this domain and will be accessed from here.  M.OVPR - organizational unit for the OVPR (e). Starts out empty but will eventually contain all of our computer accounts, security groups, etc..  Transitive Two-Way Trust (f). Built-in trust between empty root (AD.ASU.EDU) and down level domain (ASURITE.AD.ASU.EDU).  AD Forest Root Domain (g). Containing Forest Schema and Domain Naming Master FSMO's, Schema and Enterprise Admins. No user accounts or computers. 1 2 3 abcd e g f VPRC Domain ASURITE Domain M.OVPR AD Domain

3 Step One  VPRC Domain: Windows NT 4.0 multi-master domain with a PDC (a), resource servers (b), and computer accounts (c). User accounts from this domain will no longer be utilized. (VPRC.ASU.EDU)  Trust Relationship: Explicit one-way trust established to allow the ASURITE domain to access resources in the VPRC domain.  ASURITE Domain: This step will be performed simultaneously with step two. All user accounts will be pulled from the ASURITE domain (d). New global security groups will be created in M.OVPR.Groups containing the ASURITE ID’s of our users. New local security groups will be created on the resource servers containing the global security groups from M.OVPR.Groups. This will allow users still in the ASURITE domain to access resources still contained within the VPRC domain.  M.OVPR - organizational unit for the OVPR (e). This will start out empty but will eventually contain all of our computer accounts, security groups, etc.. 1 2 3 abc e d VPRC Domain ASURITE Domain M.OVPR AD Domain

4 Step Two  VPRC Domain: Windows NT 4.0 multi-master domain with a PDC (a) and resource servers (b). User accounts from this domain will no longer be utilized and all computer accounts have been migrated to the ASURITE domain.  Trust Relationship: Explicit one-way trust established to allow the ASURITE domain to access resources in the VPRC domain.  ASURITE Domain: All ASURITE user accounts will be pulled from the ASURITE domain (d).  M.OVPR - organizational unit for the OVPR (e). All computer accounts (c) now reside in the computer sub-OU (M.OVPR.Computers). These are workstations only. When migration takes place, users local profile folder is renamed from ‘username’ to ‘username_old’. User logs in to create new profile (for the ASURITE domain). All files except NTUSER.INI, NTUSER.DAT, and NTUSER.DAT.LOG are copied into the new local profile folder and permissions are reset to give the user the appropriate permissions. This will retain all application settings except for the Exchange profile. 1 2 3 ab e c d VPRC Domain ASURITE Domain M.OVPR AD Domain

5 Step Three  VPRC Domain: Windows NT 4.0 multi-master domain with a PDC (a). User accounts from this domain will no longer be utilized and all computer/server accounts have been migrated to the ASURITE domain.  Trust Relationship: Explicit one-way trust established to allow the ASURITE domain to access resources in the VPRC domain.  ASURITE Domain: All ASURITE user accounts will be pulled from the ASURITE domain (d).  M.OVPR - organizational unit for the OVPR (e). All resource servers (b) have been migrated. All computer accounts (c)now reside in the computer sub-OU (M.OVPR.Computers). 1 2 3 a e c d VPRC Domain ASURITE Domain M.OVPR b AD Domain

6 Where We Are Now Remote Installation Server (RIS) was first in ASURITE domain. Two production IIS servers and one development IIS server have been migrated. About half of our users have been migrated.  Any time we touch a computer for maintenance or install a new one we bring it up in ASURITE.

7 What We Did Different Initial Plan  Place all workstations in a single OU (M.OVPR.Computers). Actual Implementation  Created multiple OU’s to reflect our departmental structure and placed workstations where appropriate. This eases administrative tasks and allows us to implement workstation changes on a granular level. This will be of great benefit to us as we develop more complex GPO’s, security policies, and as we begin to use Intellimirror.

8 Current OU Structure Allows us to monitor where workstations are. Absolute control over GPO’s and where they are applied. Will allow us to give limited administrative control to those departments that desire it.

9 Next Steps Finish migration.  Migrate remaining users/workstations into ASURITE.  Move file and print servers into ASURITE. Shut down NT 4 domain (VPRC). Begin testing of new technologies such as Intellimirror and advanced GPO use in TASURITE.

10 Somewhere in between…

Download ppt "VPRC Domain Migration Migrating resources from the VPRC domain to the ASURITE domain."

Similar presentations

Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.

Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.
COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.
Auditing Active Directory Presented to the National State Auditors Association 2014 Information Technology Conference.

Auditing Active Directory Presented to the National State Auditors Association 2014 Information Technology Conference.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Chapter 4 Chapter 4: Planning the Active Directory and Security.

Chapter 4 Chapter 4: Planning the Active Directory and Security.
Introduction to Active Directory

Introduction to Active Directory
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.

Windows 2000 Arizona State University Windows 2000 Infrastructure Mehran Yahya Information Technology Patricia M. Schneider Information Technology – East.
Administering Active Directory

Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 1 Windows Server 2003 Network Administration.

Hands-On Microsoft Windows Server 2003 Administration Chapter 1 Windows Server 2003 Network Administration.
By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.

By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.

Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

Similar presentations

Ads by Google