Determining Your Restructure Requirements
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
As part of your Active Directory deployment, you might choose to restructure your environment. Before doing so, you must determine when and how you want to restructure your environment. Organizations with an existing Windows NT 4.0 domain structure might perform an in-place upgrade of some domains and restructure others. In addition, you might decide to reduce the complexity of your environment by either restructuring domains between forests or restructuring domains within a forest after you deploy Active Directory.
Windows NT 4.0 Domain Restructure to a Windows Server 2003 Forest
Because of its greater scalability, a Windows Server 2003 Active Directory environment requires fewer domains than a Windows NT 4.0 environment. Instead of performing an in-place upgrade of your Windows NT 4.0 domains, it might be more efficient to consolidate a number of smaller Windows NT 4.0 account and resource domains into a few, larger Active Directory domains.
Interforest Active Directory Domain Restructure
When you restructure domains between Windows Server 2003 forests, you can reduce the number of domains in your environment and, therefore, reduce administrative complexity and overhead. When you migrate objects between forests as part of the restructuring process, both the source and target domain environments exist simultaneously. This enables you to roll back to the source environment during the migration, if necessary.
Intraforest Active Directory Domain Restructure
When you restructure Windows Server 2003 domains within a Windows Server 2003 forest, you can consolidate your domain structure and, therefore, reduce administrative complexity and overhead. Unlike the process for restructuring Windows Server 2003 domains between forests, when you restructure domains within a forest, the migrated accounts no longer exist in the source domain.
Table 1.3 lists the differences between an interforest and an intraforest domain restructure.
Table 1.3 Differences Between Interforest and Intraforest Domain Restructures
| Migration Consideration | Interforest Restructure | Intraforest Restructure |
|---|---|---|
Object preservation |
Objects are cloned rather than migrated. The original object remains in the source location to maintain user access to resources. |
Objects are migrated and no longer exist in the source location. |
SID history maintenance |
Maintaining SID history is optional. |
SID history is required. |
Password retention |
Password retention is optional. |
Passwords are always retained. |
Local profile migration |
You must use tools such as ADMT to migrate local profiles. |
For workstations that run Windows 2000 and later, local profiles are migrated automatically because the user’s GUID is preserved. However, you must use tools such as ADMT to migrate local profiles for workstations that run Windows NT 4.0 and earlier. |
Closed sets |
You do not need to migrate accounts in closed sets. |
You must migrate accounts in closed sets. |