cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Migration from one domain to new domain

Hello,

We are migrating from one domain to another in Active Directory. My netbackup is running on a Windows Server 2016 and we planning to use the same server. Any idea on how I can accomplish all this without an issue.

Thanks,

Ishac

 

7 Replies
Highlighted

Re: Migration from one domain to new domain

The answer will in part depend on how the master server is defined in your environment.

The only simply way to migrate the master is to retain the same master server name. If it is using a fully qualified domain name/FQDN (e.g. nbumaster.example.com), then you have to keep this (remember that all your client and media server certificates are based on the master server's exiting name and certificate).

If the master server currently uses just a short name (e.g. nbumaster), then it should be a simple matter to migrate to the new domain (although check the server certificate for the master to make sure - use the nbcertcmd).

If the master is using a FQDN and this has to change, then the only sensible option is to engage your Veritas account team to assist with the services required.

An alternate approach may be to build a brand new environment in the new domain and retain the old domain until the backup images expire (this may lead to challenges depending on the backup retention you have and how long you have to retain the old environment).

Highlighted

Re: Migration from one domain to new domain

Hello,

Thank you for the insight, Currently it is using the fqdn. 

Highlighted

Re: Migration from one domain to new domain

Can you maintain the existing FQDN for the master server when it moves to the new domain? 

Highlighted

Re: Migration from one domain to new domain

I guess one could add a hosts file entry to all hosts/nodes in the estate (OpsCenter, Masters, Medias, Appliances, Clients) to point to the old FQHN.

Highlighted

Re: Migration from one domain to new domain

Hello,
We can't maintain the existing domain. The existing domain will be retired. 

Highlighted

Re: Migration from one domain to new domain

If that is the case, then you could concievably create a local host entry on ALL systems (clients and media servers), referencing the old FQDN of the master. It's not a nice solution, but unless you want to spend some $$ to do the change properly there is not much else that can be done. 

The only supported way to change the master server name with an existing NetBackup environment is to use the Catman services. 

Highlighted

Re: Migration from one domain to new domain

There are a few other things you should consider, as I've seen many a request for "domain" migrations, some can be done easily while others are "non starters".

Firstly an easy rename is possible providing the systems have been configured with "short names" as the "MachineName"
Check what the output of nbemmcmd -listhosts -verbose.

If you have shortname for EVERYTHING as the MachineName then you can simply add an alias for the new domain using the nbemmcmd command, and it will work, if you want to change the FQDN (for cosmetic reasons) this requires a "double rename" to make it happen, again this can be done using nbemmcmd command.

If however you are using FQDN as the MachineName, you will need to use other tools as there is no way to fix this using standard NBU commands. Catman might help, but that will depend on what you are doing with the rest of the environment, as renaming the master is only one part of the environment if domain names are changing....

Other things you need to look at:-

Do any media servers / storage servers also use FQDN and the domain you want to retire?  renaming MSDP  is not a simple process, so those components, may not be renamable. (Catman used to support this before 8.0, but since then I have seen more failures that sucess stories when it comes to media server renames.)

Certificates, they are tied to  hostid, but also contain the host name, so you may need to re-create / re-depoly the CA too, and this can be an awkward process, resulting in the need to run commands on  each of the clients too.

So while renaming the master may be one part of the process, it is likley its not the only thing that needs to be done and you probably need to get some professional services to assist you with this.