No announcement yet.

Shifting Infrastructure and setting up AD Trust

  • Filter
  • Time
  • Show
Clear All
new posts

  • Shifting Infrastructure and setting up AD Trust

    Hi All,

    Our office infrastructure comprises the following:

    Domain Controller DC 1 Win 2003 std
    • Global Catalog
    • AD, DNS and DHCP
    For redundancy we have setup another Domain Controller as follows:
    Domain Controller DC 2 working as a Replication partner Win 2003 on Dell Hardware
    • Global Catalog
    • AD and DNS
    File Servers 3x Windows 2000 Server

    There are total 50 users comprising of desktops and laptops.

    In the beginning of this year our company has been acquired by a large company. Recently we had a meeting with their IT team and they mentioned that their management had proposed to shift our staff and IT infrastructure to their head office.

    Our new employer outsource their IT systems management and their vendor have proposed the following options:

    Option 1
    • Move our whole IT infrastructure on a LAN at their office
    • Setup trust between two domains ie and
    • Configure user accounts on Domain Controller.
    • Change the login scripts appropriately to map drives and printer
    Option 2
    • Move our entire IT infrastructure as it is and set it up physically on a separate VLAN.
    • Initially integrate Accounts department users as there is a requirement to access their SAP systems.
    • Later integrate other users
    Since I have no experience on working in a setup consisting of trust between two domains of separate forest, I am trying find out what the precautions required at our AD domain so that there is no major problem at our setup.

    Can someone throw some light and educate me on the following issues
    1. Feasibility of both the options
    2. Since all desktop & laptops are a member of that has been trusted by, how does the login and validation mechanism work.
    3. How will the File Server permission work. Is there a tool for migrating the permission.
    4. How does group policies work in such a scenario or is there a tool for migrating those.
    Please suggest other precautions.



  • #2
    Re: Shifting Infrastructure and setting up AD Trust

    You don't have too many users, so I guess the question is, what's the point of moving your infrastructure if you're going to possibly get rid of it?

    I'd rather migrate my users with ADMT with sidhistory for permissions, as well as the servers (how many servers do you have?) and then ditch the domain when all is said and done than plan a physical move and then a domain migration..
    VCP on vSphere (4), MCITP:EA/DBA, MCTS:Blahblah