Link to home
Create AccountLog in
Avatar of mkueffner
mkueffnerFlag for United States of America

asked on

How to Overcome Forest Trust Issues

Because of identical netbios names, I cannot create a trust between two forests. domain.domain1 is a 2003 domain with Exchange 2003. domain.domain2 is a 2008 R2 domain with Exchange 2010. After doing some reading, it appears the 2008 / Exchange 2010 cannot be renamed. We will probably not want to rename the old 2003 domain either.

The goal is to move all users and applications to the new domain; domain.domain2. However, due to the large number of computers and applications, it will probably be impossible to move everyone at one time.

In the meantime, I am able to grant users access to resources such as file share in the old domain by using FQDN\username and password. I also have a work-around for email resources.

One big issue I am running into is granting access to applications such as IIS7 to accounts in the old domain. Here is an example: Need to do share from IIS7 for user account ASPNET@domain.domain2, aspapp3.domain.domain1 and aspapp4.domain.domain1.

1. Is there way to grant applications rights without the forst trust?
2. Are there any utilities or solutions that might be out there that might help us in this scenario?
3. Any recomendations for this transition?

Thank you,
ASKER CERTIFIED SOLUTION
Avatar of Busbar
Busbar
Flag of Egypt image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of mkueffner

ASKER

Thank you both. I'm looking at ADMT now in a lab. I will close this shortly.
ADMT can't perform all the migration task like sql migration,exchange mailbox migration etc where as Quest is a single tool, better GUi can do everything & more smoother.

MVP Pber has discussed in details abt Quest & ADMT.
https://www.experts-exchange.com/questions/23059176/Migration-using-ADMT-vs-Quest-or-other-tools.html
Thank you. I am planning a phone call with Quest this morning.
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Thank you. The instructions on the link will be useful. I appreciate everyone's help.
I appreciate the help from all three gentlemen. We will test ADMT and speak with Quest today. Since this is a rush project, this will help us to save valuable time.