Multiple AD Domains
Posted on 2014-12-02
Wonder if someone could help with this one? I have done a fair bit of reading via Google but just getting more confused - I need a point in the right direction or some explanation:)
We currently have 4x Domains (Active Directory Forests) which are all independent within companies in the Group. We are now moving some departments from the companies to the Group, such as finance. This will mean Finance will need access to resources and shares on all domains. Domains are located across multiple site which are linked via VPN and PWAN's. IT is another example.
So i currently have the following:-
DomainA.local - Microsoft Windows 2008 R2 Domain, Exchange 2013, SQL Services, SharePoint Server, DFS
DomainB.local - Microsoft Windows 2008 R2 Domain, Exchange 2013, SQL Services, SharePoint Server, DFS
DomainC.local - Microsoft Windows 2012 Domain, Exchange 2013, SQL Services, DFS
DomainD.local - Microsoft Windows 2012 Domain, SQL Services, DFS
To confuse things more we have multiple e-mail domains. for example:-
DomainA1.com, DomainA2.com, Domain A3.com all running from Exchange on DomainA.local
DomainB1.com, DomainB2.com, Domain B3.com all running from Exchange on DomainB.local
DomainC1.com, DomainC2.com, Domain C3.com all running from Exchange on DomainC.local
Users will need to keep there e-mails, but in addition have emails for the other domains. so a user in DomainA who has an Email of DomainA1.com will now also need additional emails of DomainB1.com, DomainC1.com, etc.
I know i can setup a trust between all domains which i assume will resolve the issues of shares, etc, but how do i manage the Mail, especially where a user will need a mailbox on all 3x Exchange Servers. Can i move all mail services from all domains to say the Exchange Server in Domain A, which will the serve all Users on all the other Domains?
So i users laptop will be a member of one domain but be able to access resource on all domains, as they roam around all the sites, and a user will have 1 mailbox, but multiple email address for each site.
Also one other question, How would it work for Logon, say a User Laptop is a member of DomainA.local and visits a site which has DomainB.local, how does the user logon to the AD?
The ultimate goals will be to create another Domain - Say ServiceDomain.local and move all core services to that, SQL, Exchanges, etc but this is not going to happen any time soon so need a solution.