Hi all,
I have taken over a LAN consisting of two domains (A+B) each consisting of 7VMs, it would appear my predecessor cloned the DCs without using Sysprep. The resultant being two domain controllers with the same SID. Previously this was not a problem because there was no requirement to talk between the two domains. I now require to create a trust between the domains. Upon doing so the trust failed. Research informed me that a duplicate SID was the cause. I confirmed this by standing up a new domain controller (C (with a different SID)) and managed to create a trust to domain (A).
My conclusion is that I need to create a new domain controller for domain A. I was pondering how to do this with the least amount of effort.
Would it be possible to add a new DC into the existing A domain and then remove the old one? I have managed to find conflicting advice on this subject. I believe this will not solve my problem as the new DC will assume the same SID as the exising DC?
Failing that I guess I will have to rebuild. Is there a tool I can use which allows me to backup the existing AD config and then import it into the new DC? Also, what other information will I have to consider backing up and migrating? I
will plan to copy the existing domain A and then Sysprep it. Will this maintain any network shares/data?
I hope my questions are clear and I thank you in advance for any suggestions. -)