Migrating Microsoft AD Domain to Existing BIND9 Infrastructure
Millar, Jay
Jay.Millar at stjohn.org
Thu Feb 10 14:56:42 UTC 2005
Hi All,
We currently have a BIND9 implementation supporting our Active Directory =
domain, and have been successfully running this configuration for several=
years (in part, thanks to you folks!). In any event, we have been prese=
nted an 'opportunity' to migrate a separate Active Directory domain manag=
ed by Microsoft DNS servers into our existing infrastructure. Our compan=
y has merged with another (smaller) entity, which was running this setup.
In any event, we would like to rid ourselves of these legacy Microsoft DN=
S servers supporting the other domain, and eliminate the other domain ent=
irely. Of course, this will require some interesting work from a client =
configuration perspective...but that's not my immediate concern. I'd lik=
e to validate my line of thinking as to how to migrate these Microsoft-ma=
naged, AD registered servers.
My thought was that it would be a matter of arranging a scheduled transit=
ion period for each affected server. We would likely want to do this one=
at a time. The admin of the affected server would 'unregister' the syst=
em from the old domain, and reconfigure it to point to our BIND9 DNS serv=
ers using the new domain. The reconfiguration would accomplish the task =
of registering the server into our BIND9 managed AD tree....and once this=
was done, the proper adjustments would have to be made for clients that =
had been accessing that server.
Does this sound like the proper approach, and if anyone has done this typ=
e of migration before, are there any 'gotchas' that I should be wary of?
Thank you for your help!
-Jay Millar
Detroit, MI
CONFIDENTIALITY NOTICE: This email message and any accompanying data are=
confidential, and intended only for the named recipient(s). If you are =
not the intended recipient(s), you are hereby notified that the dissemina=
tion, distribution, and or copying of this message is strictly prohibited=
=2E If you receive this message in error, or are not the named recipient=
(s), please notify the sender at the email address above, delete this ema=
il from your computer, and destroy any copies in any form immediately.
More information about the bind-users
mailing list