Advice for AD and Exchange forest setup after company split

Tags:
Active Directory
Exchange Server
Windows Server 2003
I have just taken over as the IT Manager for a group of companies and I am trying to figure out the Active Directory (AD) setup. Recently, I was informed that the group had sold their main company and I needed to prepare for the split. As I started to look at the AD setup I soon realized that the company we are selling is the root domain of the forest, and another company that we are not selling has a tree domain in that same forest. Will I need to create a new forest and tree domain, and then migrate the objects or is there an easier way? There is also an Exchange server in the domain we are keeping. Will I need to install a new Exchange server in the new domain as well or can I just move it to the new domain? Looking forward, we need to be able to buy and sell companies with the least amount of work. Would it be beneficial to set up a separate forest for each company and set up trust between them? We are working with Windows Server 2003. Any help will be very much appreciated.
ASKED: February 18, 2008  6:00 PM
UPDATED: March 18, 2008  1:15 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

from what I have found you have to create a new forest and use the ADMT (active directory migration tool) to be able to migrate the domain to the new one. I found this article on it:

ADMT is the primary tool for such migrations.

Key points about ADMT:
Admin privileges on both domains, install agent on Source (old) domain,
two-way (external) trusts, external trusts require NetBIOS resolution
which may require WINS server (and all DCs set to use it) if DCs are
not on same subnet, put your Destination Domain Admin account into
the Administrators group of the Source domain.

this information was posted in 2005 by Herb Martin at:

http://www.mcse.ms/message1766700.html<a href=”http://www.mcse.ms/message1766700.html”>

since it is old I will need to do some more research on the subject to find some more recent news on it.

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Wrobinson
    You need to consider the service and data autonomy and isolation requirements for the organizations respectively. If there is a need to spin off or divest a company then a new forest may be required if a single forest, single domain or single forest, multiple domain scenario is not suitable. If this is the case, then you will will likely not want to establish persistent trusts between forests because it defeats the purpose. Any trusts would be for the purpose of migration and establishing the new forest(s) only. You should review the ADMT v3 Migration Guide.
    5,625 pointsBadges:
    report
  • Wrobinson
    5,625 pointsBadges:
    report
  • Jerry Lees
    I would try to create another domain controller for each domain and take the servers off line and preform a Active Directory Disaster recovery by forcing the FSMO Roles to the new Domain controllers. I've never accomplished this with child domains because I haven't had the opportunity, but I have done this in this situation with a single domain. The plus side is that you wouldn't need to migrate servers to a new domain because they would be on the same domain. If ever the domains needed to be rejoined-- it would be a challenge you'd have to tackle but it sounds like that will be unlikely..
    5,335 pointsBadges:
    report
  • Wrobinson
    Jlees, that is just a bad idea. That is all I can say about that.
    5,625 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following