Our domain structure is being reorganized due to a recent consolidation of several public agencies into a larger one. To present a common look and feel to our public, we are creating a new Win2K account domain where all customers will login. This domain will have its own set of DCs and GCs and sole purpose will be for user login. All server resources, including our Unity server; Exchange servers; DCs and GSs, will remain in their original domain (much like an NT resource domain). The users will be migrated with the Microsoft AD Migration tool, which supports SidHistory. I wanted to confirm that I will need to run GrantUnityAccess for my subscribers so that they can access the Unity Assistant and use TRAP from ViewMail. Is there any alternative to this? Will I need to rerun my Unity permissions wizard for this new account domain?
Re: Change domain structure - run GrantUnityAccess?
We haven't tested with ADMT (as far as I am aware) but as long as you are doing an Intraforest migration it should work. Unity tracks objects within the forest by GUID and an Intraforest migration basically moves the object so the GUID isn't altered. Once Unity synchs with the GC it will learn that the object has moved and update SQL appropriately -- assuming permissions are set correctly. Since Unity tracks the user oject and the object itself will not change, you wouldn't need to run GrantUnityAccess.exe.
Again, since this has not been tested I would give it a go in the lab first for sure. VMware is great for these kinds of tests since you can roll back changes and you don't need a bunch of servers to test it with.
I'm not able to access my old voice mail messages all of a sudden. The recording says something like 'the message is currently not available'. This has never happened before in all the years I have been using this system. I have t...