Solved

Recommendations for managing two companies on same Domain

Posted on 2010-09-06
10
457 Views
Last Modified: 2012-05-10
I am setting up a SBS 2008 for two businesses, but am looking for any best practices from anyone. My past has only included working with a single company for a single so doing some research.
0
Comment
Question by:Flipp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
10 Comments
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 50 total points
ID: 33614397
Well, I would consider this a bad idea - one company is going to have pain when they separate.

But, for the moment, I would treat them as two separate departments.  Create groups for each company, setup two Domains in Exchange and set the default e-mail addresses appropriately.
0
 
LVL 6

Author Comment

by:Flipp
ID: 33614603
The companies do work quite close already, and yes I agree it is not the best practice in theory.

Unless there are show stopping circumstances, I will continue to manage both businesses (who physically are in the same premises) with the one SBS 2008.

I have already started separating them with Security Groups and Email Policies, but since I am new to SBS 2008 I wanted to see if I should also look at creating new roles for each etc.

When you say setup two domains in exchange, do you mean to setup two authoritative domains?
0
 
LVL 7

Expert Comment

by:ieden
ID: 33614608
If you can afford it, create a parent domain and two child domains. (Corp.com, company1.corp.com and company2.corp.com) Then formulate trust.  http://support.microsoft.com/kb/255248
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 33614681
ieden, that is impossible - SBS does not support sub/child domains.
0
 
LVL 6

Author Comment

by:Flipp
ID: 33614683
Probably at this stage, since we have already deployed the server to the client, they would not be interested in investing additional money in my time to set this up.

But I think this is good advice.
0
 
LVL 6

Author Comment

by:Flipp
ID: 33614689
ANy other ideas then?
0
 
LVL 8

Expert Comment

by:PeteEngineer
ID: 33614699
0
 
LVL 7

Accepted Solution

by:
ieden earned 150 total points
ID: 33617116
My advice would be to create a structure that looks something like this:
OU=Corp
 OU=Company1
  OU=Finance
   OU=Computers
  OU=Marketing
   OU=Computers
  OU=Sales
   OU=Computers
 OU=Company2
  OU=Finance
   OU=Computers
  OU=Marketing
   OU=Computers
  OU=Sales
   OU=Computers
 OU=SharedResources
  OU=Servers
  OU=OtherGroups

With a setup like this, you can create groups with Company specific prefixes like; 1engineers, 2 engineers, 1Representatives, 2 Representatives... Etc...

I would create groups that include "AllUsersCompany1 and AllUsersCompany2" While groups like Domain Users have automatic membership, these newly created "SuperGroups" could be used to administer access to shares that should only be accessible by one company or another.

No doubt, there will be pain while setting this up. I recommend roles based groups and assign access by job description and not individual user. Get with HR to make your groups closely resemble the job descriptions they are using for payroll.

Also, create groups for the expressed purpose of sharing info between the companies. (Share, 1MktShareRead, 1MktShareMod, 2MktShareRead, 2MktShareMod) Never assign "Full Control" to an end user of Job Description. Modify is adequate!

If there are issues with users accessing files they couldn't access before after logically planning this with departments and HR, get change control to cover your heiny and have a manager sign off on it from both departments. Always cover your assets.

Good luck!
0
 
LVL 5

Assisted Solution

by:DanMar
DanMar earned 50 total points
ID: 33624375
You can merely add a new domain name to the Exchange User email policy for the new company and ensure DNS MX records are pointing to the same IP as your main domain name.
This was you can assign default company names to employees according to which company there are with and have the same server hosting everything.  As far as administration, you can split up the users into different OUs, groups etc. if you need to lock things down i.e. permissions to shares etc. as the Authenticated Users group will include both companies.
0
 
LVL 5

Expert Comment

by:DanMar
ID: 33624385
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question