Splitting up two companies

We support two companies right now that are wanting to completely separate networks.  At this time we share an Active Directory domain & Exchange servers.  Fortunately we have time to do this, so I want to find out the best way to do this with minimal to no down-time.  Each company has about 150 people. My first thoughts are below & I was hoping that someone can give me some pointers. They're in order:

Build a new back-end Exchange server for Organization B.  Also build a new front-end Exchange server & point our MX-Logic SPAM service to send all messages to that new front-end.  Then, gradually start moving mailboxes from Organization A's back-end to the new Organization B Back-end.  Once this move has been completed, all of the email will be separated off, then we will proceed to the Active-Directory stage.

I may be over-simplifying this, but right now all of our servers/computers are on DOMAINA...I would build up a new AD server that is the primary DC for DOMAINB, then I would establish a trust relationship between the two (how do I do that?), then I would "drag & drop" all of our groups, users, computers etc over to that domain.  Then I would sever the trust & be working on my own.  Questions are:

1) Can I drag & drop users/groups between trusted domains?
2) How would all of my file-permissions take it?
3) Can I just move computers in AD, or would I have to go to each computer & join them to the new domain & re-create the profiles?  (any ways to do that? Organization B has 80 or so computers in the field that DO not come back in the office but once a year).

Are there any other suggestions that you can think of?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You're close, except that there isn't drag-and-drop functionality between domains, only within a single domain.  What you're describing is a domain migration, where you are migrating user and computer accounts from DomainA to DomainB.  You'll create the trust relationship (required for a domain migration) in the AD Domains & Trusts MMC snap-in.

You will need a migration tool to do this, either the AD Migration Tool (free download from Microsoft), or a third-party tool from the likes of Quest or NetPro (excellent and greatly simplifies the process, but the price will knock you out of your chair.)   A migration tool will allow you to re-ACL your file permissions and workstation profiles, so that your questions in #2 & #3 above will end up being largely seamless for the end user.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.