New AD DS Forest Questions.. Need help badly
Posted on 2014-09-08
I'm having a bit of a conundrum about the new forest domain name and what possible implications it can have if I chose the wrong name convention...
The current issue is that the company I work for was bought out by another company and atm, where using a 2-way forest trust.
The company also has another site in Africa which is using a different forest domain but doesn't have any forest trust to either of the other 2 domains.
The current forest domains are:-
1. Company1.local (my old company)
2. Company2.com.au (main company)
3. internal.company2direct.com.ke (Africa site)
To make it worse, all three sites have their own Exchange environment and there's all types of file share/application authentication issues between sites.
Therefore, the company has decided that they want to get rid of all the exchange environments/file shares and so forth and move everything to Office365, including SharePoint and Lync
They have also decided that they want a new forest with a single domain and that the locations and security will be delegated by using different OU structures/GPO's as it's all going to administered by 2 people at the main company site. This is non-negotiable as they don't want sub/child domains or different forests, just a single entity.
They're using a third party to do the Office365 design and implementation. However I have been assigned to setup the new initial ADDS server for the new forest.
After some reading I've found that we really shouldn't be using '.local' or '.internal' for the forest root domain. I suggested that we use 'internal.thecompanynamethatisreallylong.com.au' and a NetBIOS of 'CNF' (but because its such a long name, Ifeel that if we have to use a FQDN for anything then it will cause an issue)
They want me use the following for the forest root domain 'au.cnf' with a NetBIOS of 'CNF'
Is that really such a good idea or is there any situation whereby using 'au.cnf' as the prefix.suffix could cause any issues?
I would of like to use 'internal.cnf.com.au' however the domain name 'cnf.com.au' is already registered by another company..
Once the new forest is created, I'll be setting it up with the ADFS to Office365 and create 2way forest trusts from the new forest the 3 old ones and start migrating users to the new forest domain.
Thanks in advance for you help