Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 362
  • Last Modified:

Two companies one domain

I support two companies that share the same 2003 R2 domain we will call company A and B. My task is to make company B standalone in a mixed 2003 and 2008 domain. Company B (20 users) will have it own 2007 Exchange server (currently shared 2003) DNS, MX record and everything else normally running in a domain. I am considering a couple of different scenarios to make this happen. I have five new servers and three old 2003 servers to work with. My thought is to take one of the new servers and create a separate Forest/Domain on that system with the normal roles. The remaining servers would built into the shared domain and when the circuit is ready tehy would be transferred into the new domain. I am having some doubt now that this method would be the smoothest. What I am trying to do is kept the same route/switch/ip addressing setup. So what would you recommend?
0
Richard Dillon
Asked:
Richard Dillon
  • 2
  • 2
1 Solution
 
zelron22Commented:
I think you're giving us too much of some information, and not enough of other information.  For instance, you start off  talking about two companies presumably sharing the same domain/forest and that you want to split them up.

At the end you throw in something about a circuit being ready and keeping your IP/routing/switch configurations the same.  But we don't know anything about how this is set up, because you haven't told us how it is set up, nor how it WILL be set up.

Perhaps either uploading a diagram of how it is and how you want it would help.  You may also want to break it down into more than one question.
0
 
Richard DillonAuthor Commented:
Sorry for the confusion. I do want to separate the companies into two separate entities. I will put together a diagram.
0
 
Richard DillonAuthor Commented:
Here is the drawing. See if this helps.
Network-separtion.pdf
0
 
zelron22Commented:
Okay, here's how to do it in broad strokes.  There are two ways to do this, your way, and splitting the domain.  As long as you don't mind recreating (or migrating the users) and recreating permissions, the cleanest would be your way.  Create a new forest, new users, etc.  The question is what is on the the servers you want to move?  Do they have any databases or other services relying on authentication from the existing domain or are they just file servers?

The other option is more complex, especially because of Exchange.  You would need at least one DC in each of the physical locations for the existing network.  You would also either need an Exchange server that's a member of the current organization (with the company B mailboxes and replicas of the public folders) or be prepared to manually remove the Exchange organization from the domain (after the split) so you can install a fresh Exchange organization (http://www.msexchange.org/tutorials/Remove-Exchange-server-entire-Exchange-organization.html).  Once you physically separate the sites, so that the DC's can't talk to each other, you need to seize any FSMO roles that your DC's don't have.  Then you need to use NTDSUTIL to clean up the metadata, i.e. remove the DC's that stayed behind, and either totally remove Exchange or remove the Exchange servers that stayed behind.

Once that's done, you should be able to just haul the other servers over with minimal changes (make sure their DNS is set up correctly, for instance).  

Anyway, although both have their advantages and disadvantages, I like the idea of starting fresh.  You don't have to worry about any legacy issues being dragged along with you.

Good luck!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now