February 11, 2014 at 7:08 am
I was asked what it took to move a SQL Server 2008 R2 to another Domain.
The article listed below describes the action necessary to do so:
http://dba.stackexchange.com/questions/37583/moving-sql-server-to-different-domain">
http://dba.stackexchange.com/questions/37583/moving-sql-server-to-different-domain
Does anyone have any additional input?
Thank you.
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
February 16, 2014 at 1:42 pm
hi
February 16, 2014 at 1:53 pm
Hi to you. :hehe:
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
February 17, 2014 at 9:41 am
Assuming the machine-name will change, then make sure you run sp_dropserver/sp_addserver (Step L in the linked article). Definitely a gotcha step.
I've never migrated an existing database server between domains; I have renamed a server, and that causes sufficient hassles!
You don't mention if your current server is virtualised or physical?
Depending on the complexity of your current server config, I would be tempted to start with a fresh install. Again, depending on your IT infrastructure, a new OS might be a few clicks in HyperV/vSphere. Followed by MSSQL install and data migration. If you have a physical machine, then not to easy to accomplish.
Andy
February 17, 2014 at 10:31 am
Welsh Corgi (2/11/2014)
I was asked what it took to move a SQL Server 2008 R2 to another Domain.The article listed below describes the action necessary to do so:
http://dba.stackexchange.com/questions/37583/moving-sql-server-to-different-domain">
http://dba.stackexchange.com/questions/37583/moving-sql-server-to-different-domain
Does anyone have any additional input?
Thank you.
Moving domains for a sql server has no major headaches. Any current windows logins would need to be changed if there is no trust between the old and new domains.
You'll likely need to change the service account as well, which you should do via SQL Server configuration manager.
Since your only moving domains and not changing the server name, it should be straightforward.
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
February 17, 2014 at 1:42 pm
Service ID for SQLServer will need changed on the Configuration panel...
UserIDs: Need to give that service ID on the new Domain 'sa' rights...
All users using their domain ID within SQL Server will need recreated on the new domain within sql server....
If it is a clustered SQL Server there are many more steps. You don't say it is clustered so I am guessing it isnt
February 18, 2014 at 2:23 pm
Markus (2/17/2014)
Service ID for SQLServer will need changed on the Configuration panel...UserIDs: Need to give that service ID on the new Domain 'sa' rights...
All users using their domain ID within SQL Server will need recreated on the new domain within sql server....
If it is a clustered SQL Server there are many more steps. You don't say it is clustered so I am guessing it isnt
If you can do cleanup, the new service ID should NOT be a Windows or Domain admin.
If you run into file by file NTFS security issues, from the command line
icacls * /reset /t
is useful - it'll set an entire (SQL Server) subdirectory tree to the same permissions as the directory you're in, if you get into a problem.
Don't forget to set your SPN's again, and make sure the new domain service account is trusted for Kerberos delegation.
Check to be sure @@SERVERNAME and SERVEROPTION('servername') report the same name after you're done.
If you've got "Force [connection] encryption on" you'll need to generate and sign a new SSL cert because the FQDN changes, and you will of course need to grant Read permission on the private key to the new service login.
February 23, 2014 at 3:16 pm
Thanks for the input.
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
February 24, 2014 at 6:35 am
Be aware that if it is to a new trusted domain, if you are using SID History, some things may work until they get rid of SID History.
Also when using Kerberos, besides SPN's, you need to make sure delegation is allowed on the accounts.
So more is involved than just making sure you have new endpoints.
February 24, 2014 at 9:47 am
Thank you for the responses.
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Viewing 10 posts - 1 through 9 (of 9 total)
You must be logged in to reply to this topic. Login to reply