Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1170
  • Last Modified:

Joining two Active Directory Sites together

My company has one AD site containing one domain.  Recently we have taken over another site in another state using Active Directory.  I am trying to develop a plan of sorts to merge the two AD site together.  Is there any guide that I can use that will give an idea on to get started joining the two domains.
What items should I be looking for.  I am thinking the two will need to have a trust between them but our company will be responsible for their mail also.
0
hgarciatx
Asked:
hgarciatx
  • 5
  • 4
  • 3
  • +1
1 Solution
 
KCTSCommented:
You can't actually merge the domains, but you can indeed create a trust between them. http://technet2.microsoft.com/windowsserver/en/library/7929b0c4-efe1-409c-99e3-efe9815f426d1033.mspx?mfr=true
0
 
Jay_Jay70Commented:
you might want to consider a complete migration into your current domain....
http://www.block.net.au/help/ad-architecture/

You can use ADMT to get the migration kicked off if thats the path you choose
http://www.microsoft.com/downloads/details.aspx?FamilyID=6f86937b-533a-466d-a8e8-aff85ad3d212&displaylang=en
0
 
fishadrCommented:
As KCTS has suggested, creating a trust between the domains will allow you to share resources between the two systems, and if sufficient permissions have been created will allow administration of the two domains and is standard practice.

As Jay Jay70 suggests if you then want to have one domain you will have to move the accounts from one of the domains in to the other domain. Using the Active Directory Migration Tool (ADMT) free from Microsoft allows you to move accounts from a source domain to another domain an maintain the settings ans security, it can also migrate the computer accounts so that the profiles are maintained.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
hgarciatxAuthor Commented:
Can I have pros and cons of migration as opposed to trust.
0
 
hgarciatxAuthor Commented:
Another question:  How will trust handle the exchange servers if we are going to be responsible for their email domain.
0
 
fishadrCommented:
The link from Jay_Jay70 should answer your questions:
http://www.block.net.au/help/ad-architecture/

In a nutshell, implementing the trusts allows you to access data in both domains (once you grant security), you will also be able to manage both domains. It is a quick and easy way to to link the two systems but they are still two different management entities.

If you migrate the two in to one you will have one AD structure, Domain policy etc as per the article mentioned but there is obviusly a lot of work in the migration.

You will have access to thie e-mail servers to manage them over the trust but as they are in two seperate forests you will have to manage them independantly (until you migrate in to one (if required))
0
 
hgarciatxAuthor Commented:
so basically if I go with a Trust between sites, I will still have two separate Exchange Org.
0
 
fishadrCommented:
Yes, you will have to migrate the mailboxes from the other Org in to the new Org to have them under one Organisation for management purposes. They can co-exist quite happily until you can merge (migrate) the two
0
 
Jay_Jay70Commented:
pros of trusts - quick and easy to setup from an AD point of view
cons - migration of mailboxes and segmentation of exchange....

Pro's of Single Migration (all in my article) but in a nutshell, its one centrally managed solution - much nicer to work with
Con's - Migration time can be a killer, its a lot of work, however, its well worth it - i go the migration path almost every time
0
 
hgarciatxAuthor Commented:
If eventually the company were to get rid of the added site will it make sense just to stick to trust even it is for a year?
0
 
Jay_Jay70Commented:
yes, deffinitely, if the company is going to sell it off, then a trusted domain is the way to go
0
 
hgarciatxAuthor Commented:
If I go with a single AD, what effects can I expect with replication over to the other site in the other state.  Will the other site need to be a child domain or since it will be a single AD, I will need just another Domain controller being replicated back to the other site.
0
 
Jay_Jay70Commented:
just another DC - if you have VPN between the two, then the actual replication traffic is pretty small

If you are going to sell though, i wouldnt integrate it - you will just be doubling up - if you arent going to sell, go the single Domain path
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

  • 5
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now