• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 542
  • Last Modified:

business sold - move two child domains out of forest into a new forest


I'm looking for a general approach from folks who have a similar experience.  The goal is to disconnect or de-couple two child domains and their Exchange servers from the parent corp due to selling off of the child businesses.  Let's assume 2003 AD and Exchange running native mode for domain, forest and Exchange.  The two child domains want to be rejoined to a common forest and will be considered the same business with two separate domains.  Let's assume a couple of hundred seats per domain.

What comes to mind immediately is that by disconnecting from the forest, you'll lose the forest FSMO roles.  I guess I'll need those again...  So I was thinking that I could build a new third domain and declare it the first domain in a new forest, then join the two other child domains to this new forest.  Also, since the Exchange servers weren't the first in the organization, I'll lose  the Offline Address Book folder, the Schedule+ Free Busy folder, the Events Root folder, and other folders as described in http://support.microsoft.com/kb/822931.  What to do there?

Since this scenario isn't yet in play, I'm looking more for a general "this is how I'd approach it" and "you may run into this..." sort of  reply as opposed to questions about what the specifics of the scenario are, because I don't know yet.  Your expertise is always appreciated.  Thanks!  
3 Solutions
Exchange will complicate things considerably.  You can find the article I've used for similar tasks here http://www.msexchange.org/tutorials/Domain-Rename.html

Good luck.
JohnDemerjianAuthor Commented:
aces4all, that one is definitely on the mark.  thank you.

Any others?
Just to make sure I have this let me restate:

Currently have 1 Forest with 3 domains
DomA, DomB,Domc

You have sold DomB and DomC

they only way to get rid o them is migrate them to somthing else, you cannot just change forest membership which Exchange is tied too etc....

Once those entities are removed form the forest and are in seperate Exchange orgs DomA -C all all seperate entities, all users would be remvoed from each others GAL, no calednarshing, etc...

but since you selloff the companies I would assume that you would not want common features between them.

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

JohnDemerjianAuthor Commented:

Much of what you state is accurate, but I'm unclear on "they only way to get rid o them is migrate them to somthing else, you cannot just change forest membership which Exchange is tied too etc...."

But essentially, think of the restraints you'd face if you sold off a part of your company that represented two out of ten domains in your forrest and you're on track.  You wouldn't want to be sharing anything with the old company.
Exchange is tied to the forest etc....  so there is not way to just lop of the domain.

You would have to setup a new envrionment and migrate that domain to a seperate entity basicaly removing the child domain by migration.

That is a good scenario.

let me ask, what do you think the process should entale? From a user/admin perspective what would be your ideal scenario?
JohnDemerjianAuthor Commented:
i'll tell you what my most feared scenario is:  having to touch every desktop.  i want to avoid any action that will render the machine/user account useless and require me to go join all computers back to a new domain and tweak everyone's desktop back to the original condition.

That said, i have to admit i'm not sure what i think the process should entale yet.  i'm doing preliminary research to help uncover a direction before i do actual research on the direction i choose.  get it? :)

so i gather from the scenario you painted above that perhaps i could:
1. create a new forest, domain struction and install exchange
2. create trust relationships to this new forest
3. move users, machine accounts and mailboxes to this new forest/domain

is that what you are proposing?  if so what tools are we talking about for the move (exmerge and what else).  would you expect that user desktops would not need to be touched?
Yes, however by using tools like Quest you will not have to go to each machine and the migration would be pretty seamless to the users.

If you used native tools like ADC, etc.... you would sync the users accounts over and move the exchange mailboxes. there would be no need for exmerge the tools will do everthing for you like join the pc to the new domain, etc....

native tools have some limitation but will be free where quest will cost you but will make you life easier.

look at migrations because that is basically what you would need to do to remove that child domain

JohnDemerjianAuthor Commented:
i've increased the point value and will split them to you both.  however, am going to wait a bit more for others to chime in.
You will need to use Active Directory Migration Tool (ADMT), which will move all the accounts (user, group and computer) into the new domains. That's the only way you will avoid visiting the desktops (unless you have another way of moving the computers between domains).

JohnDemerjianAuthor Commented:
Thanks All!

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now