Okay, so this is a somewhat complex situation and I'm trying to find out the answer before a big project.
I recently started working for a company that uses their public domain name for their internal domain as well (let's just say company.org). Because we handle medical data, we need to ensure we are HIPAA compliant, and the security risks associated with this domain name could cause some problems. We are doing a major overhaul of the network, including replacing the servers, over the next 2 months or so.
What I would like to do is create a new domain and migrate all users, Exchange, etc. to this new domain name in order to get away from the issue described above. In order to ensure we are using best practice, I want to call the new domain name something under our registered domain (for instance, internal.company.org).
In order to migrate everything easily, we'd need to create a forest trust between these two domains, as they will have different IP schemes (again, replacing all the servers and modifying the network setup, which includes this change as well) and will not actually be part of the same domain (I'm not just creating a child domain). However, I fear that when I try to create conditional forwarders and the forest trust, I may encounter difficulty with this related to the fact that my new domain looks like a child domain of the existing one.
Does anyone know if that will be an actual problem, and how I might get around this if so?