Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


split up domain

Posted on 2011-03-23
Medium Priority
Last Modified: 2012-05-11
how do i split up domain
Question by:jag-pens
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
LVL 74

Expert Comment

by:Glen Knight
ID: 35203737
Any more information?

What type if domain? What type of splitting up do you want to do?

Author Comment

ID: 35203767

I was trying to do a search logged on through an rdp session (any way to run a lighter weight expertss exchange session?).

Anyways, main site all 2003 servers, primary and backup dc, 2003 exchange. One company (of two) leaving the premises and want to split completely (but that could change somewhere down the road...).  I'm not that worried about the data as the permissions can be redone relatively easily.  Rough numbers 120 users total split in two.  More concerned about Exchange than anything.  My gut says go with a new forest, then establish new domain for departing company, install fs and exchange, then move users over, but it's going to get messy...OWA and outlook anywhere users all over the place.  Remote site has single fs as bdc (again 2003)...

LVL 74

Expert Comment

by:Glen Knight
ID: 35203783
Your right, the best bet is to start a new domain, especially as exchange is installed.
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 18

Accepted Solution

Netflo earned 1000 total points
ID: 35203807
Probably suggest creating a new forest and domain for the departing company, possibly a longer route but that way there are no dependencies. Yes the OWA and Outlook Anywhere could get messy, however if you have multiple IPs that shouldn't be an issue, if planned correctly.

You can still allow both domains to talk to each other via domain trust temporarily while you are in migration. For Exchange providing users mailboxes are below 2GB, Exmerge should be okay and importing should be a breeze too.

Heads up for the existing users who may have dud cache entries in Outlook when sending to users in the new domain. Going forward if the two separate domains wants to talk in future this can be done, you could always establish a trust later and allow file access.

If both organisation upgrade to Exchange 2010, you can take advantage of Federation Services, which can allow calendar, contact and free/busy access across forests too.

Hope this helps.
LVL 74

Expert Comment

by:Glen Knight
ID: 35203819
If you split the domains (by taking a DC offline and seizing all the roles to it) there is a whole load if cleaning up required.  It's also unlikely you will be able to trust each other because it's the same domain (although I've never tried so don't know for sure)

What you are suggesting is frought with problems, no doubt unsupported if you ever run in to problems, and I woukd seriously recommend against it.

Setting up a new, clean domain is the best way forward.  I personally, wouldn't even be considering anything else because of the work involved in putting it right.

Author Comment

ID: 35203833
To demazter,

Sorry, what exactly do you mean by "What you are suggesting is frought with problems"?
LVL 18

Expert Comment

ID: 35203850
In other words, new domain and forest is the only way forward. Splitting the DCs and seizing the roles on both DCs to create two split networks is not the best way forward and you could end up with endless issues.
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 1000 total points
ID: 35203855
Well, any type of split of an existing domain for use by 2 different entities is going to cause problems with Acive Directory.

It's really not worth the hassle.

Author Closing Comment

ID: 35203863
Ok guys, thanks for your input!

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question