SS Technology Forum
Not logged in [Login ]
Go To Bottom

Printable Version  
Author: Subject: cross forest migration
Cosy
Junior Member
**




Posts: 15
Registered: 12/7/2011
Member Is Offline


[*] posted on 12/7/2011 at 03:38 AM
cross forest migration


HI,

I'm loking for expert advice for following senario.

1. Company A got a business unit with 5 sites. All are in windows 2003 AD and one single Forest.

2. Each Site got 1 AD server With 300 uses.

3. Company B acquires this business unit with those 5 sites ( company B also windows 2003 AD)


So what is the best way to plan the transition and pros and cons?

Option1: Create new Forest and create the trust between Companies A and move the users/ mailbox and computers?
Once the cutover create the trust between Company B?

Option 2: Create the Child Domain and then trust the Company A and do all the migration?


Security and flexibility is very important?

Thanks,

Cosy
View user's profile
Santhosh Sivarajan
Super Administrator
*********




Posts: 299
Registered: 6/29/2009
Location: USA
Member Is Offline


[*] posted on 12/7/2011 at 04:33 PM


I think you are missing another option – Why can’t you migrate all resource from Company A to Company B (existing AD and Exchange). In my opinion, that is the best option unless you have a valid business reason to create a new Forest.

Option 2 – Why do you need to create a child domain? I always recommend a single domain structure.

Anyway, you need to use a migrate tool to migrate all resources from one domain to another. Microsoft has a free tool called ADMT - http://www.microsoft.com/download/en/details.aspx?displaylang=en&id...

Here are my notes on ADMT the migration process - http://www.sivarajan.com/admt.html
You also need to think about mailbox migration plan. ADMT doesn’t have a mailbox migration option.

You can look at the following third party migration tools also:
Quest – http://www.quest.com/migration-manager-for-active-directory/
NetIQ - http://www.netiq.com/products/dma/default.asp

Here is an old ADMT Vs QMM comparison document - http://www.sivarajan.com/scripts/QMM%20Vs%20ADMT.pdf




Santhosh Sivarajan, Microsoft MVP-Directory Services

http://blogs.sivarajan.com/
http://portal2.sivarajan.com
http://twitter.com/santhosh_sivara
http://www.linkedin.com/in/sivarajan

This posting is provided AS IS with no warranties,and confers no rights.
View user's profile Visit user's homepage
Cosy
Junior Member
**




Posts: 15
Registered: 12/7/2011
Member Is Offline


[*] posted on 12/7/2011 at 08:10 PM


Hi Santhosh,

Thanks for replying to my post.

Company B got single tree forest ( multi domins for each business unit) So they want this new business unit to operate own.

compb.com--> west.compb.com
----> east.compb.com etc etc so they prefer to add this new business unit as --> aus.compb.com ?

This is option 2.

But doing this i think we are going to complicate the migration?
1. schema need to share (windows 2003)
2. cannot introduce new windows 2008 and exchange 2010 servers to the forest without updating the root forest schema?
3. compb got exchange 2003 and compa got exchange 2007
Cannot introduce Exchange 2010 to aus.compb.com child domain without preparing the root domain
4. When we create the trust between CompA - security concerns for both companies?

So thats why i thought option 1?

what do you think?

Thanks,

cosy
View user's profile
Cosy
Junior Member
**




Posts: 15
Registered: 12/7/2011
Member Is Offline


[*] posted on 12/8/2011 at 04:30 PM


Any Idea Santhosh?
View user's profile
Santhosh Sivarajan
Super Administrator
*********




Posts: 299
Registered: 6/29/2009
Location: USA
Member Is Offline


[*] posted on 12/8/2011 at 06:17 PM


Again, domain decision can be based on business or technical reasons. If you have a valid business reason, you can create a child domain for your business unit.

>>>So they want this new business unit to operate own
Keep in mind that it is not its “own” domain. it is another domain inside a Forest. That mean Schema is same though out the Forest.

You can have only one Exchange per forest. So if you need to use Exchange 2010, you need to upgrade the schema and install an Exchange 2010 server.

Trust – What is your concern? There are some security considerations for trust. You can read more info at http://technet.microsoft.com/en-us/library/cc755321(WS.10).aspx




Santhosh Sivarajan, Microsoft MVP-Directory Services

http://blogs.sivarajan.com/
http://portal2.sivarajan.com
http://twitter.com/santhosh_sivara
http://www.linkedin.com/in/sivarajan

This posting is provided AS IS with no warranties,and confers no rights.
View user's profile Visit user's homepage
Cosy
Junior Member
**




Posts: 15
Registered: 12/7/2011
Member Is Offline


[*] posted on 12/9/2011 at 06:01 AM


HI Santhosh, Again thanks for your comments.

Yes, I need to go with their business requirment. I just check they are runing Windows 2008 Schema so i can add windows 2008 R2 servers?

"You can have only one Exchange per forest. So if you need to use Exchange 2010, you need to upgrade the schema and install an Exchange 2010 server."

Parent domain in USA- parent.com( got exchange server)
Australia child Domain - aus.parent.com -( got exchange server?)
Sydney child Domain of above- syd.aus.parent.com ( got exchange 2003)

now i'm going to create one for melbourne melb.aus.parent.com ???????

So i cannot install the Exchange 2010 in melb.aus.parent.com domain?

So in this case i need to create new forest ? if so how do i sync GAL?

pls help?
View user's profile
Santhosh Sivarajan
Super Administrator
*********




Posts: 299
Registered: 6/29/2009
Location: USA
Member Is Offline


[*] posted on 12/9/2011 at 09:25 AM


>>> I just check they are runing Windows 2008 Schema so i can add windows 2008 R2 servers?
If you are planning to add Windows 2008 R2 DC, uou need to upgrade the Schema for Windows 2008 R2 first. Review the following blogs:
http://portal.sivarajan.com/2010/03/active-directory-schema-version...
http://portal.sivarajan.com/2011/06/verifing-adprep-domainprep-resu...
http://portal.sivarajan.com/2010/03/windows-2008-r2-adprep.html

>>> now i'm going to create one for melbourne melb.aus.parent.com ???????
That is up to you..technically you can create any domains inside your parent domain.

>>> So i cannot install the Exchange 2010 in melb.aus.parent.com domain?
Again, it is based on your Exchange architecture. One Exchange Org per Forest.

>>> So in this case i need to create new forest ? if so how do i sync GAL?
You have to use a GAL Sync software like IIFP, FIM etc
http://social.technet.microsoft.com/wiki/contents/articles/microsof...




Santhosh Sivarajan, Microsoft MVP-Directory Services

http://blogs.sivarajan.com/
http://portal2.sivarajan.com
http://twitter.com/santhosh_sivara
http://www.linkedin.com/in/sivarajan

This posting is provided AS IS with no warranties,and confers no rights.
View user's profile Visit user's homepage
cheap
Junior Member
**




Posts: 14
Registered: 12/9/2011
Member Is Offline


[*] posted on 12/9/2011 at 07:37 PM




[Edited on 12/10/2011 by cheap]
View user's profile This user has MSN Messenger
Cosy
Junior Member
**




Posts: 15
Registered: 12/7/2011
Member Is Offline


[*] posted on 12/10/2011 at 12:57 AM


HI Santhosh,

Sorry i just keep asking. Now i need your help.

>>> So i cannot install the Exchange 2010 in melb.aus.parent.com domain?
Again, it is based on your Exchange architecture. One Exchange Org per Forest.

They have a Exchange 2003 so my question we cannot install any version of exchange in to above child domain?

In this situation what is your recomendation?

View user's profile
Cosy
Junior Member
**




Posts: 15
Registered: 12/7/2011
Member Is Offline


[*] posted on 12/11/2011 at 07:39 PM


HI,

Why i cannot install Backend Server? Only Mailbox server for child domain?

How can i setup OWA and OMA for this child domain?
View user's profile
Cosy
Junior Member
**




Posts: 15
Registered: 12/7/2011
Member Is Offline


[*] posted on 12/12/2011 at 06:57 PM


Can you help please?
View user's profile
Cosy
Junior Member
**




Posts: 15
Registered: 12/7/2011
Member Is Offline


[*] posted on 12/14/2011 at 05:57 AM


where are you now?
View user's profile
Santhosh Sivarajan
Super Administrator
*********




Posts: 299
Registered: 6/29/2009
Location: USA
Member Is Offline


[*] posted on 1/5/2012 at 09:48 AM


Sorry for the delay. I was on vacation. Are you still experiencing any issues with our migration?



Santhosh Sivarajan, Microsoft MVP-Directory Services

http://blogs.sivarajan.com/
http://portal2.sivarajan.com
http://twitter.com/santhosh_sivara
http://www.linkedin.com/in/sivarajan

This posting is provided AS IS with no warranties,and confers no rights.
View user's profile Visit user's homepage
Santhosh Sivarajan
Super Administrator
Thread Closed
2/16/2012 at 07:19 PM

  Go To Top

Powered by XMB
Powered by SiteGround Web Hosting

XMB Forum Software © 2001-2009 The XMB Group
[Queries: 16] [PHP: 56.8% - SQL: 43.2%]