1

We have a Server 2003 functional-level forest with three domains:

NYC is the forest root domain

LAX is a child domain of NYC

SEA is another child domain of NYC

Some time in the distant past, someone decided that it would be best to retire the name NYC and starting putting everyone in the two child domains, LAX and SEA. NYC is still there, it just has no actual users, groups or shared resources.

Now we'd like to make LAX the forest root domain, and get rid of NYC entirely. SEA would remain unchanged and stay a child domain.

Is this possible? If so, how do I go about this process, assuming that nothing needs to be migrated away from the old NYC domain? Is it simply a process of removing all the DCs from NYC and decommissioning it, or is there more to it?

I haven't been able to find any relevant information on this process from Microsoft's resources. Please let me know if I can add any clarification, I'm still new to managing AD.

1 Answers1

1

It is not possible, as you're asking. The root of a forest cannot be changed, moved, or deleted. There's plenty of articles. (You also can't split or clone a forest, like during a corporate divestiture.)

https://technet.microsoft.com/en-us/library/cc978004.aspx

You currently have a 3-domain forest, with an empty root domain. That's actually a decent architecture, you could just leave it as-is. What's your business case for the restructuring that you want to do?

mfinni
  • 36,144
  • 4
  • 53
  • 86
  • From my point of view as just a sysadmin, it's a cosmetic change that management wants. The name of the root domain is an old company name from the past that we no longer use, and the child domain in question is now our company name. Since the root domain is empty and virtually unused for anything, we wanted to simplify the architecture. –  Aug 02 '17 at 23:44
  • You are going to sink a lot of time, and user impact, on a cosmetic improvement. – mfinni Aug 03 '17 at 00:27
  • Well, I guess I'll have to research some more and maybe talk to mgmt about how this probably won't be practical. So, in order to accomplish this, we'd probably have to create an entirely new forest and use ADMT to migrate to it? –  Aug 03 '17 at 14:09
  • That's at a minimum. If you have Exchange, you'll also have to migrate mailboxes. ADMT involves both users, and their workstations (and their profiles on those workstations.) If you have thousands of users, and don't want to spend more than a year doing this, you might want to look at Quest's migration tools- and be ready to open your wallet, it's not cheap but it's worth the money for what they do. – mfinni Aug 03 '17 at 19:18