Joining two separate domains into one AD Sites and Services?
Posted on 2013-05-14
I have been really struggling with what to do. I don't know if this is the appropriate place to ask the question but I don't have much in the way of options.
I have two locations that currently operate independently. We can call them domainone.com (main office) and domaintwo.com (remote manufacturing). They both are on separate /24 networks.
Each has its own domain controller, terminal server, Exchange server, and ERP. All running Server 2008 R2.
We are currently connected to one another through two Talari boxes (think VPN tunnel using multiple ISPs with a sprinkle of WAN op). So we can access resources on both ends through this tunnel but cannot resolve names.
The ERP application is being consolidated into one database so must be served out of one location. domaintwo.com will access this ERP application via published app in Terminal Services at domainone.com.
The goal is to provide the users in domaintwo.com with the best experience possible while also saving money and lowering support needs at domaintwo.com. My initial plan had all data moving from domaintwo.com to domainone.com and having domaintwo.com use resources entirely through Terminal Services. We do that now with another (smaller) site and that works well. I worry about performance, however, and various other issues that may crop up.
It was suggested to me that instead it would be best to set up a new domain controller at domaintwo.com and join that domain controller to domainone.com. Use migration tools or manually re-create the AD accounts for users who were previously domaintwo.com. Also, we would need to create PST files for all mailboxes to import into domainone.com for the newly created mailboxes. We would then need to re-auth all clients to the new domainone.com controller on site.
I believe this would use AD Sites and Services, but what about addressing? Will I need to change addressing on both sites? As I said, each runs its own /24 now. If we pulled them both under one /24 address space, 253 addresses would be a bit tight but doable. Is it possible to run AD Sites and Services with each side having separate class and not really sub-netted?
Example being site A 192.168.1.0/24 and B being 192.168.2.0/24. From what I understand that isn't sub-netting as each is its own class C with a 24 bit mask. To subnet properly I would need a /23 or /22, correct?
I have been struggling with what to do and second-guessing myself too long. Any advice or thoughts on this would be welcome at this point.