Türkçe Español Русский Português Português Italiano Deutsch Ελληνικά Français English 中文 ةيبرعلا
Microsoft Gold Partner Certification
SEI Member & Partner


You are here: > IT Solutions > Technology & Support Solutions
> Data Migration Considerations

    Incorporated in 1984, Integration Technologies Group (ITG) is a full service systems integration company which for over 25 years has provided government, private sector and non-profit/educational organizations with successful, complete and timely system integration and IT service management solutions. As a Microsoft(tm) Certified Gold partner, we have implemented multiple AD migrations coupled with unique experience in Microsoft(tm) Unified Communications.
    ITG currently is ISO 9001, ISO 20000 and ISO 27001 Certified, as well as a CMMI(tm) Level 3 Appraised company, and continually strives for improvement. We invest substantial time and money in our infrastructure and process development to fine tune solutions that: reduce the downtime for the end user; and enable the highest degree of efficiency; produce the least strain on the customer's workforce and reduce the customer's overall cost of ownership. As a result of our dedication to continual improvement, our solutions provide seamless, all inclusive results for our customers, and incorporate all aspects of an IT deployment.

    For more information on how we can assist you with your AD project, please contact:

George Harris - George.Harris@ITGonline.com
or call 1-800-835-7823 (U.S.), (800) 900-20060 (International)

    "Active Directory is an implementation of LDAP directory services by Microsoft for use in Windows environments. Active Directory was released first with Windows 2000 and saw some revision in Windows 2003.
    Unlike earlier versions of Windows which used NetBIOS to communicate, Active Directory is fully integrated with DNS and TCP/IP. However, to be fully functional, the DNS server must support SRV Records. Windows 2000 workstations can still function using WINS to locate the servers, but Active Directory will not function properly without a DNS server that supports SRV.
    Active Directory allows administrators to assign policies to workstations, deploy programs to many computers, and apply critical updates to an entire organization. Active Directory also stores information about its users and can act similar to a phone book. This allows all of the information and computer settings about an organization to be stored in a central, organized database."

- excerpt from Wikipedia

Five Things to Consider When Planning an Active Directory Migration

Microsoft Active Directory (AD) is a critical component of the Windows platform. Maintaining its operation and availability is an important part of Information Technology management. AD is a logical representation of the business organization and provides the means to manage the identities and relationships that make up network environments. It consists of the Lightweight Directory Access Protocol, Kerberos network security, Domain Name System (DNS) resolution, and other network services.

Frequently, it is necessary to upgrade, migrate, consolidate, and rename the AD infrastructure. The namespace for AD is based upon the Domain Naming System. The DNS namespace usually reflects the company’s name. When this name is changed, either through mergers or acquisitions, an Active Directory migration needs to be implemented to reflect the change. There are also benefits to upgrading the version of AD to enable new features and applications. Project management planning is critical in order to control these changes and maintain network availability.

AD migration can take several forms. These include an upgrade, an inter-forest migration, an intra-forest migration, a restructuring, and a domain rename. Each of these options has similar processes to affect the change. A well-executed network discovery is critical to appropriate planning of the migration project. This discovery process also entails a close analysis of how network policies relate to business function. Common components of an AD migration project include the following:

1. Analysis of Current AD Structure

The structure and functional levels of the AD forest, number of forests and number of domains must be considered. The number of AD sites and their locations, as well as the bandwidth of the WAN links connecting the sites must be mapped. The current placement of domain controllers and global catalogs, and their redundancy, should be discovered. Finally, the location of users and network resources in relation to the AD service availability should be determined.

2. Determination of Planned AD Structure Outcome

Any changes to the DNS namespace brought about by a merger, acquisition, or company name change will need to be evaluated. The forest and domain restructuring will need to be planned in order to determine what method of migration will be executed. WAN links and replication times will need to be considered and scheduled to minimize user downtime. Possible hardware and capacity planning should be done in the event of an AD upgrade in order to maximize availability of the service. Group policy structure and planning will need to be incorporated into the overall directory design to ensure the security of network resources.

3. Domain Name Service Planning

DNS zones and records are replicated through AD based upon the AD Sites and their configuration. Without proper placement and planning of the DNS infrastructure, AD will not function properly. This will involve a good deal of preparation to coordinate the external and internal namespaces and ensure all network services can be correctly located.

4. AD Security

AD relies on Kerberos authentication for access to network resources. Proper DNS, domain controller, and global catalog server placement ensures complete access to security services for user authentication and network resource access. The functional level of the AD forests and domains also ties in with the security functions of the servers and should be carefully planned according to what level of clients will need to be supported. Ancillary Microsoft security services can also be incorporated into the network design to provide added security for remote access and smart card access to the network.

5. AD Migration Tools

There are many tools available to assist with the steps involved in the migration process. For example, Microsoft’s AD tool can be used to restructure AD domains and forests as well as complete intra-forest and inter-forest migrations. Also, Microsoft’s Domain Rename tool can be used to rename and restructure domains and to adjust group policy settings to accommodate the new structure. Additionally, there are many well-known, third-party applications that can minimize user downtime by automating many of the tasks needed, reducing the number of desktop reconfigurations.

Please contact us for any assistance you may need:

Integration Technologies Group, Inc.
2745 Hartland Road
Falls Church, VA 22043
Telephone: 703-698-8282
FAX: 703-698-0305

Press Releases
Media Center
Capability Maturity Model Integration
International Standards Organization
IT Service Management
Americans with Disabilites Act
Web Accessibility Section 508
Take a Free 508 Course:
Introduction to Web Accessibility
Get IT Service Support Request Record Status
Create New IT Service Support Request Record