My company is in the process of planning an Active Directory redesign and migration from a native 2003 forest to a 2008 forest. Currently we have two forests, one for our HQ office and one for our collocated datacenter (don't ask me why, it was here when I signed on). What they want to do is put our HQ and Collocation AD under a single 2008 forest with the two sites being child domains of the root. The planned design would look like this:
Persistent VPN --> / \
(Child Domain) (Child Domain)
Our current AD looks like this (neither forest has site trusts):
HQ.olddomain.com ------- Collo.olddomain.com
(Separate Forest) ^ (Separate Forest)
(Connected via VPN)
My main task is to migrate the user mailboxes to Exchange 2010 that could either reside in the HQ.MyComp.com child domain or sit in the Root (MyComp.com). I would like to know the pros and cons of having Exchange in the Root domain and linking them to accounts in the trusted HQ.MyComp.com child domain. Our Root and Collo.MyComp.com domain DCs and infrastructure are hosted in a much more robust location with replicating SANs and redundant network infrastructure, so that is why I would like to put the vital parts of our Exchange 2010 (Mailbox, CAS, Edge Transport) there rather than at our HQ location. Disaster recovery would be much easier if the critical infrastructure was placed there.
The proposed plan entails migrating all HQ users from the old domain to the new HQ.MyComp.com child domain. I've been trying to find a best practices guide to this specific example but am having problems finding one that fits our end-scenario. Any advice from the gurus of AD and Exchange would be of great help.