Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 133
  • Last Modified:

Creating a one way Transistive Truct wtih another Domain

We have 3 Domain in our environment we want collapse 2 of the domain under 1 Forest with a 1 way trust for centralized management.  How can this be achieved?
0
HyperTech1911
Asked:
HyperTech1911
  • 2
  • 2
1 Solution
 
BlueComputeCommented:
You'll definitely need to be using the Active Directory Migration Tool to restructure the domains - Can you please describe your current structure and desired structure, using DOMAIN1, DOMAIN2, DOMAIN3 and DOMAIN1\USER1, DOMAIN2\USER1 etc as examples? The question's just a little bit too expansive at the moment - Do you currently have 3 domains in 3 separate forests? And why specifically a 1-way trust?

Cheers,

BlueCompute.
0
 
HyperTech1911Author Commented:
Sorry for the delay in responding.   we have 2 domains.  One that the application group use.  and the Primary domain.  We do not want the application domain to be able to administer the Primary domain.   what is the best scenario?
0
 
BlueComputeCommented:
Ok. How big are the domains in question, roughly? And what domain level and Domain Controllers do you currently have?
It's not actually possible to move the existing domain into another forest per se; what you'd be doing is setting up a new App domain in the Pri domain's forest, then using ADMT to migrate the User, Computer and Service accounts into the new domain, keeping security descriptors intact. The process is described
here in a reasonable amount of detail. If all you want is to be able to grant users from Pri domain access to resources in the App domain, you don't actually need to move them into the same forest - you can just set up the trust and away you go. Given the number of steps involved in migrating the domain, you might want to consider setting it up that way for now and planning to merge the domains over a longer period as you commission and retire hardware/users.
0
 
HyperTech1911Author Commented:
Great! I Agree!  thank you for the good advice! Regards.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now