We're about to begin the migration from a source forest domain to the target forest domain located in the same subnet. I'm the administrator of both domains ( sourcedomain.com and targetdomain.com)
Groups and OU WILL NOT be migrated. For several reasons we've decided to create a new scheme; global groups, local groups and so on in the target domain. Of course we'll have to start over with the ACL, permissions, etc. A lot of work.
The source domain will be useless after the migration. All users, profiles, computers, member servers, and Exchange 2003 mailboxes (move-mailbox cmdlet) will be migrated on the new domain. The Exchange 2007 are already running. We are not going to migrate the DC from the source domaine.
A two-ways transitive trust has been enabled already. But it looks like different trusts must be established depending on the object to migrate as you can read from the the ADMT 3.1 migration guide:
"To migrate users and global groups, you must establish a one-way trust between the source domain and the target domain, so that the source domain trusts the target domain.
To migrate resources or translate local profiles, you must do one of the following:
" Create a one-way trust between the source domain and the target domain.
" Create a two-way trust between source and target domains."
What's happen if I use a two-way trust for all objects ?
I have to create a user for delegation on each domain. As I am administrator of all domains can I use instead the administrator account ?