No announcement yet.

Move OU out of forest

  • Filter
  • Time
  • Show
Clear All
new posts

  • Move OU out of forest

    I am new in this area, so I decided to ask you guys (the experts) for advise.
    Here's the case I am confronted with soon :

    We as a OU (own company) are part of a single domain/forest.The forest contains multiple OU's (different companies).Each OU has it's own Exchange 2003 server.
    We do have full OU admin rights, so we can create/delete/modify everything in the OU.
    The AD admins are belonging to another company.So DC's and all is under their control. Also the 2 DC's we have here locally on site.

    We are going to separate from the main company and do everything ourselves.

    Now the question is, what is a good scenario, which things do I have to keep in mind?
    I can not afford much downtime or loss of production!!! The impact should be low or almost unnoticeable.
    Scenario I am thinking of is preparing all AD major components (global catalog, PDC emulator,etc,etc) in here and disconnect all connections with the mother company and other OU's.
    Then I will continue with the current AD domain, meaning I do not have to transfer computers to a new domain and do not have any downtime on my servers.

    Is this feasible or are there any other solutions?

    Please help/advise on this one.

  • #2
    Re: Move OU out of forest

    My way to do it: Just a high level plan, needs to eleborate more..........

    1. Create a separate Domain ensure the full functionalities including mails.
    2. Create a trust with current domain.
    3. Migrate users using ADMT.
    4. Configure all the users as per the requirement.
    5. Still retain the old ones.
    6. Migrate computers in chunks and see if they works fine.
    7. Ensure everything runs fine.
    8. Break trust.

    Kapil Sharma
    Life is too short, Enjoy It.