Age old problem, customer has lost the password to their root certifier. I now need to create new servers which I plan to do in a new duplicate hierarchy/domain structure.
1) Is it feasible in the new domain to cross certify the servers/OU's of the old domain such that the old servers can replicate databases onto the new servers (if given the correct access) or will they baulk at public keys not matching the name that is expected.
2) Planning to copy user documents from old to new domain and then using Rename User > Move in Hierarchy to get the users under a certificate that isn't about to expire in 2 weeks time.
I have the option of creating a transit domain, to which old and new environments can be x-certified to create an interim hop if necessary.
Feedback number WEBBAZ9F9F created by Mike Perrett on 05/30/2018