Solved

Forest trust, or move domain?

Posted on 2011-09-28
4
552 Views
Last Modified: 2012-05-12
Hi again Experts,

I need to integrate my domain with another. We have a single domain in our forest, and the other company have two domains in their forest. We will be remaining as two separate companies in two geographically separate locations.

In the short term we will be creating a forest trust, however I am considering moving our domain into their forest.

Could anyone advise on the benefits of moving our domain in to the other forest? I have heard that Exchange functionality is improved.
0
Comment
Question by:failed
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 9

Expert Comment

by:Lester_Clayton
ID: 36715944
You can't pick up and drop a domain from one location to another I'm afraid - you're going to have to actually migrate your domain into the target domain.   This means, migrating user accounts, data, e-mails and applications to the target domain.

Exchange functionality isn't "improved" per se, but it does mean that you will be part of one exchange organization, so mail sending and receiving is faster, and the ability to share calendears and meeting rooms is more accessible.  Also, you will get one address book rather than having to maintain two.
0
 
LVL 4

Expert Comment

by:maxsmith5k
ID: 36716032
Even the "improved" functionality that Lester_Clayton speaks of maybe done with third party products.  In my opinion, i would avoid migrating your domain into their forest - lots of problems to try to avoid.  Instead, stick with federation and if you require more than federation offers, turn to a third party product such as Quest Collaboration Services (for functionality such as synchronization of GAL etc.
0
 
LVL 11

Accepted Solution

by:
TheGeezer2010 earned 500 total points
ID: 36716083
The other alternative (if you are using Exchange 2010 on both sides and you don't HAVE to merge domains), is to set up a Federation Trust  - this will then allow both sides to share Free/Busy, and, alternatively, allow selected users, DGs etc to share contacts and calendars. You can also share same GAL using FIM (think that it what it is called now).
This is a good article explaining this avenue

http://www.tools4exchange.com/2010/07/galsync-and-federation-using-exchange-2010---part-iii---first-step.html

This is if you want to maintain co existence. If you want to merge the two forests, as stated above, the only supported Microsoft way is to migrate one forest to another. Here is an article showing the constraints of the method of such a merger ;-

http://technet.microsoft.com/en-us/library/mergers_acquisitions_active_directory_prune_and_graft_restructuring_support_limitations%28WS.10%29.aspx

and here is the Microsoft article on how to go about this merger - please be aware that this is anything but trivial, and unless you have experienced and qualified Exchange architects in house, you may be better off bring in outside consultants to design this.

http://technet.microsoft.com/en-us/library/cc974332%28WS.10%29.aspx

Good luck with whatever you decide to do !!

0
 

Author Comment

by:failed
ID: 36892542
Thanks for all the advice!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question