Merging Domains

pts.
Tags:
Desktops
Management
Microsoft Windows
OS
Security
Servers
SQL Server
The company I work for is acquiring another company and I have been tasked with making the two domains coexist. Let's say the domains are abc.com and xyz.com The abc.com domain is a mixed mode environment (Windows 2000 and 2003 DCs). The xyz.com one has Windows 2000 native. Here are my questions. 1. Can these domains have explicit trusts between them indefinitely? 2. How does it work as far as when users in xyz.com need to access resources on abc.com (and vice versa)? Do they need to have accounts setup in both domains? 3. Do IP addressing schemes need to change when both domains are connected? We are planning on connecting the data centers via a T1 circuit. I've read all sorts of white papers on AD on Microsoft's website, but none of them seemed to answer these two questions. Any help would be greatly appreciated.

Answer Wiki

Thanks. We'll let you know when a new response is added.

1 – Yes
2 – Implicit trusts by groups – group A (ABC) is given permissions to resources on XYZ, group B (XYZ) is given permissions to resources on ABC. This means the users do NOT need accounts in both domains. Permissions by group save a lot of wear and tear on the admin staff.
3 – No. That was the easy answer. Truthfully it will depend on the manner in which you connect the schemes. Firewall to firewall and the ‘NAT’ will do the work for you. Inside the firewalls, Private set 1 (i.e. 192.168.aaa) to private set 2 (i.e. 192.168.bbb) would just be a sub net adjustment. Private set 1 to private set 3 (i.e. 10.ccc.ddd) would need bidirectional NAT and careful thought about the larger overwhelming the space in the smaller. For security and addressing simplicity consider VPN – a member of A has two addresses one for his A domain and the VPN address for B.
Good luck.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following