pdesjardins1
asked on
Splitting users off to new domains/groups
Hello,
Our existing company has an exiting domain (mydomain.local), AD servers, backup servers, exchange, AV servers, the works.
We have 4 people that we had to split off into a new company, and for legal reasons have to make them their own individual company, not on our domain. In addition, in a few weeks we will be buying another small business, 10-ish pc's, again, needing to be its own unique domain.
All pc's are winXP
Current domain servers are 2003
I'd like advise to start this off right.
requirements:
All machines will be on the same WAN.
I must be able to manage all the machines.
All machine require backup.
the 2 new groups be 'independent' from each other, and mother company.
File & printing Sharing between companies.
-2 new groups use Office 365, so no Exchange requirements.
I was thinking of doing Small Business Server 2011 for the two new groups, but have no experience with SBS.
Our existing company has an exiting domain (mydomain.local), AD servers, backup servers, exchange, AV servers, the works.
We have 4 people that we had to split off into a new company, and for legal reasons have to make them their own individual company, not on our domain. In addition, in a few weeks we will be buying another small business, 10-ish pc's, again, needing to be its own unique domain.
All pc's are winXP
Current domain servers are 2003
I'd like advise to start this off right.
requirements:
All machines will be on the same WAN.
I must be able to manage all the machines.
All machine require backup.
the 2 new groups be 'independent' from each other, and mother company.
File & printing Sharing between companies.
-2 new groups use Office 365, so no Exchange requirements.
I was thinking of doing Small Business Server 2011 for the two new groups, but have no experience with SBS.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I decided to use the 2008 r2 approach as one domain already uses 2008 r2.
In the New Trust Wizard I am asked if this is to be an External Trust or a Forest Trust.
Again, users in both companies will need to access file servers in the other (ie not their) company
And, as the admin, it would be helpful to gain access to all the machines in both companies without changing my credentials
In the New Trust Wizard I am asked if this is to be an External Trust or a Forest Trust.
Again, users in both companies will need to access file servers in the other (ie not their) company
And, as the admin, it would be helpful to gain access to all the machines in both companies without changing my credentials
set it up as a forest trust. You can set permissions between the two so you can allow access to resources/administrator
i.e. on the file server Domain Local group to set permissions, use the global group from the other domain to add the users to and then nest the global group in the local group.
for yourself once the trust is in place you can add you main admin account to any of the groups in the other domain
i.e. on the file server Domain Local group to set permissions, use the global group from the other domain to add the users to and then nest the global group in the local group.
for yourself once the trust is in place you can add you main admin account to any of the groups in the other domain
ASKER
Thank you irwazelwallis.
How many forest trust can I have?
Right now I can see having my HQ company, plus two smaller companies...and I'm sure I'll be adding more smaller units in the year.
How many forest trust can I have?
Right now I can see having my HQ company, plus two smaller companies...and I'm sure I'll be adding more smaller units in the year.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You need one public IP per system though. Regardless of what you do.
For centralized management, you can still do trusts - IF you transmog the 2012 Essentials installs back to Standard server. This preserves all the features of 2012 Essentials and removes the SBS restrictions. And since you have a 2012 license, you're covered.