Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Move SQL Server Machine to another Domain


Move SQL Server Machine to another Domain

Author
Message
Welsh Corgi
Welsh Corgi
SSCertifiable
SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)

Group: General Forum Members
Points: 5202 Visits: 4874
I was asked what it took to move a SQL Server 2008 R2 to another Domain.

The article listed below describes the action necessary to do so:


http://dba.stackexchange.com/questions/37583/moving-sql-server-to-different-domain


Does anyone have any additional input?

Thank you.

For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/

For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
murakonda12venu
murakonda12venu
Forum Newbie
Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)

Group: General Forum Members
Points: 4 Visits: 57
hi
Welsh Corgi
Welsh Corgi
SSCertifiable
SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)

Group: General Forum Members
Points: 5202 Visits: 4874
Hi to you. Hehe

For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/

For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Andy sql
Andy sql
Ten Centuries
Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)Ten Centuries (1.2K reputation)

Group: General Forum Members
Points: 1150 Visits: 1301
Assuming the machine-name will change, then make sure you run sp_dropserver/sp_addserver (Step L in the linked article). Definitely a gotcha step.

I've never migrated an existing database server between domains; I have renamed a server, and that causes sufficient hassles!

You don't mention if your current server is virtualised or physical?

Depending on the complexity of your current server config, I would be tempted to start with a fresh install. Again, depending on your IT infrastructure, a new OS might be a few clicks in HyperV/vSphere. Followed by MSSQL install and data migration. If you have a physical machine, then not to easy to accomplish.

Andy
Perry Whittle
Perry Whittle
SSCrazy Eights
SSCrazy Eights (8.8K reputation)SSCrazy Eights (8.8K reputation)SSCrazy Eights (8.8K reputation)SSCrazy Eights (8.8K reputation)SSCrazy Eights (8.8K reputation)SSCrazy Eights (8.8K reputation)SSCrazy Eights (8.8K reputation)SSCrazy Eights (8.8K reputation)

Group: General Forum Members
Points: 8839 Visits: 16579
Welsh Corgi (2/11/2014)
I was asked what it took to move a SQL Server 2008 R2 to another Domain.

The article listed below describes the action necessary to do so:


http://dba.stackexchange.com/questions/37583/moving-sql-server-to-different-domain


Does anyone have any additional input?

Thank you.

Moving domains for a sql server has no major headaches. Any current windows logins would need to be changed if there is no trust between the old and new domains.
You'll likely need to change the service account as well, which you should do via SQL Server configuration manager.
Since your only moving domains and not changing the server name, it should be straightforward.

-----------------------------------------------------------------------------------------------------------

"Ya can't make an omelette without breaking just a few eggs" ;-)
Markus
Markus
SSCommitted
SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)

Group: General Forum Members
Points: 1587 Visits: 3680
Service ID for SQLServer will need changed on the Configuration panel...

UserIDs: Need to give that service ID on the new Domain 'sa' rights...

All users using their domain ID within SQL Server will need recreated on the new domain within sql server....

If it is a clustered SQL Server there are many more steps. You don't say it is clustered so I am guessing it isnt



Nadrek
Nadrek
Ten Centuries
Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)

Group: General Forum Members
Points: 1043 Visits: 2673
Markus (2/17/2014)
Service ID for SQLServer will need changed on the Configuration panel...

UserIDs: Need to give that service ID on the new Domain 'sa' rights...

All users using their domain ID within SQL Server will need recreated on the new domain within sql server....

If it is a clustered SQL Server there are many more steps. You don't say it is clustered so I am guessing it isnt


If you can do cleanup, the new service ID should NOT be a Windows or Domain admin.
If you run into file by file NTFS security issues, from the command line

icacls * /reset /t


is useful - it'll set an entire (SQL Server) subdirectory tree to the same permissions as the directory you're in, if you get into a problem.

Don't forget to set your SPN's again, and make sure the new domain service account is trusted for Kerberos delegation.

Check to be sure @@SERVERNAME and SERVEROPTION('servername') report the same name after you're done.

If you've got "Force [connection] encryption on" you'll need to generate and sign a new SSL cert because the FQDN changes, and you will of course need to grant Read permission on the private key to the new service login.
Welsh Corgi
Welsh Corgi
SSCertifiable
SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)

Group: General Forum Members
Points: 5202 Visits: 4874
Thanks for the input.

For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/

For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Greg Edwards-268690
Greg Edwards-268690
SSC Eights!
SSC Eights! (825 reputation)SSC Eights! (825 reputation)SSC Eights! (825 reputation)SSC Eights! (825 reputation)SSC Eights! (825 reputation)SSC Eights! (825 reputation)SSC Eights! (825 reputation)SSC Eights! (825 reputation)

Group: General Forum Members
Points: 825 Visits: 8267
Be aware that if it is to a new trusted domain, if you are using SID History, some things may work until they get rid of SID History.
Also when using Kerberos, besides SPN's, you need to make sure delegation is allowed on the accounts.
So more is involved than just making sure you have new endpoints.
Welsh Corgi
Welsh Corgi
SSCertifiable
SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)SSCertifiable (5.2K reputation)

Group: General Forum Members
Points: 5202 Visits: 4874
Thank you for the responses.

For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/

For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search