Splitting companies and domains

Adding a router won't cause any issues whatsoever.  How do you think multi-continent domains work? :-)

You can simply create a child domain in the current forest of you still want the new company to be under the same control as the wider corp.  If you want to completely separate them just create a new domain in the existing forest and create trusts if need be.

Physically moving the domain can still be achieved if you choose either option above.

I think my biggest concern with the router is I would need to add another DHCP server behind it since DHCP traffic  won't traverse the router. Just trying to keep it simple. the less i have to do the better :)

I think creating a new domain within the forest would be my best option. We want to try and keep the domains and separated as possible as we may move this dept to another site and they would not have the need to part of our current domain any longer.

You can just use an IP helper (sometimes called DHCP relay) to forward DHCP requests from the remote subnet to the current DHCP server.  Easy peasy!

You can still move the new domain to a new site if you want/need to, even if it's part of the same forest, and sometimes you may actually want to easily share resources between domains even if they are geographically separate.  Of course, if there's never going to be any chance of wanting to do that you can just go ahead and create a new forest/domain.

It may be easiest to just create a new forest for the new company and enable trusts until the spinoff.  Once the spinoff occurs, it's just a matter of disabling the trusts.

Until the spinoff, does it matter if the same IP range is used, or do you wish to segregate this now as well?  It's probably easiest just to create the entire new environment now and avoid issues later, so likely best to just ensure that DHCP is enabled for each forest/domain.

If i could use the same IP range for now that would be great. However, with two forests and two domains, how do i separate them when they are all on the same IP range? For example, if i want to add a computer in the new domain how will it know? Would it be because of the trust relationship?

My end goal (easier said than done, i know) is to be able to pick up the servers and move them to another building (change IP's of the DC's if needed) and make it as though this dept has always had their own domain. I foresee that eventually they will be in their own office space and totally separate from us.

We also use several NAs devices that i will need to move shares and permissions over to the new domain.

Everything is DHCP, except our servers.

Where I was going with the question is if the users are hardwired based on physical cube or office, you could separate your DHCP based on IP range or switches.   If they're all on wireless, it's a bit more complex.

Oh, i gotcha. The good thing is this dept is all on one floor. As mentioned earlier one idea i had was to put in a router and segment them off that way and put the new DC's on that segment. I would need to add a dhcp server (which i could probably do with an extra cisco router we have), change the printer IP's on that floor and then somehow trust the new forest/domain.

Thank you. I think I am going to go the route of separating them via VLAN (or even by router on the floor) and then creating a new forest/domain and then adding a trust.

Thank you both for the info.