Moving the Domain Object
(Last modified: 15Apr2002)
This document (10061855) is provided subject to the disclaimer at the end of this document.
goal
Moving the Domain Object
Updating the registry to reflect the new Domain context
Change the domain location
Renaming the NDS Tree
Can an NDS for NT Domain Object be Moved?
fact
NDS for NT
Corporate Edition
Account Management
fix
In the event that you want to move a domain you should first partition the object off using the Partitions and Servers view in ConsoleOne, or NDS Manager for older versions that ships with NDS for NT. Then move the object to its new location. This is necessary because the domain is a container object and cannot be moved any other way.
When you move the object be sure to leave an alias to the new object. This will allow SAMSRV.DLL to automatically resolve to the new location. If you have done this then the next time the domain controller starts it will resolve to the new object and update the registry. Once all servers have been rebooted you can then delete the alias.
If you do not leave an alias, nobody will be able to login to the domain at the next reboot, with the exception of the Administrator user. This must be the user with the 1F4 (500) RID as it is the only user whose information is persistently cached. You should remove the network cable at boot up so that the domain cannot attempt login to NDS, and then run SAMMIG to relink to option to the domain controller.
NOTE - The registry key that contains the context information will need to be changed before the machine is rebooted. To do so you must first grant administrator FULL CONTROL rights to the HKLM/Security/NWSAM key in the registry. Once you can see the values for NWSAM verify that these are correct, change them if necessary. Once this is done change Administrators rights back to their previous setting.
When renaming the tree you will need to modify the HKLM/Security/NWSAM key in the registry. If you are using the HOSTS file in winnt/system32/drivers/etc you will want to modify it as well. You will also need to modify the client on the workstations to reflect the new tree name.
document
| Document Title: | Moving the Domain Object |
| Document ID: | 10061855 |
| Solution ID: | NOVL45769 |
| Creation Date: | 18Apr2001 |
| Modified Date: | 15Apr2002 |
| Novell Product Class: | Novell eDirectory |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.