Migrating Microsoft AD Domain to Existing BIND9 Infrastructure

Millar, Jay Jay.Millar at stjohn.org
Thu Feb 10 14:56:42 UTC 2005 

Hi All,

We currently have a BIND9 implementation supporting our Active Directory =
domain, and have been successfully running this configuration for several=
 years (in part, thanks to you folks!).  In any event, we have been prese=
nted an 'opportunity' to migrate a separate Active Directory domain manag=
ed by Microsoft DNS servers into our existing infrastructure.  Our compan=
y has merged with another (smaller) entity, which was running this setup.

In any event, we would like to rid ourselves of these legacy Microsoft DN=
S servers supporting the other domain, and eliminate the other domain ent=
irely.  Of course, this will require some interesting work from a client =
configuration perspective...but that's not my immediate concern.  I'd lik=
e to validate my line of thinking as to how to migrate these Microsoft-ma=
naged, AD registered servers.

My thought was that it would be a matter of arranging a scheduled transit=
ion period for each affected server.  We would likely want to do this one=
 at a time.  The admin of the affected server would 'unregister' the syst=
em from the old domain, and reconfigure it to point to our BIND9 DNS serv=
ers using the new domain.  The reconfiguration would accomplish the task =
of registering the server into our BIND9 managed AD tree....and once this=
 was done, the proper adjustments would have to be made for clients that =
had been accessing that server.

Does this sound like the proper approach, and if anyone has done this typ=
e of migration before, are there any 'gotchas' that I should be wary of?

Thank you for your help!

-Jay Millar
Detroit, MI


CONFIDENTIALITY NOTICE:  This email message and any accompanying data are=
 confidential, and intended only for the named recipient(s).  If you are =
not the intended recipient(s), you are hereby notified that the dissemina=
tion, distribution, and or copying of this message is strictly prohibited=
=2E  If you receive this message in error, or are not the named recipient=
(s), please notify the sender at the email address above, delete this ema=
il from your computer, and destroy any copies in any form immediately.

More information about the bind-users mailing list