All, I've lurked on this list for a long time now - and it's been a real learning experience... Thanks to all of you!! Now I'm finally in a position to have something to put to the list - I'm afraid I'm still running an NT domain... But that is about to change :->
We have (fairly) recently been bought out by a company who are in the process of migrating to AD (to allow them to use Exchange 2000). I (and some others) have been asked to justify why we / they should create a separate domain in their forest to migrate our business into. I've come up with a number of reasons (detailed below) - but first, some background.... :-> "My Domain" NT 4.0 with some Win2K member servers, mixed Win2K and NT4.0 PC's (APPLICATION.RLI) Exchange 5.5 One way trust with FOONT001 (we trust them) Approx 300 Users and 40 Servers "Their domain(s)" NT 4.0 with some Win2K member servers, mixed Win2K and NT4.0 PC's (FOONT001)(our domain trusts this one). Win2K Forest, Empty root domain (FOOGROUP.NET) 1 sub-domain (FOO.FOOGROUP.NET) Exchange 2000 - migration underway from mainframe based system (Memo) Approx 5000-6000 Users and 500+ Servers Company Structure: Us: We are an offshore finance house - pensions and investments mostly to far-east customers. To maintain this status we have to show a level of "off-shoreness" to the authorities. IT has historically been provided in-house, with little reliance on parent company. Group: Centralised IT structure, heavy use of Citrix and web-based apps provided from head office. Tend to have little or no IT presence in "remote" offices. What we are leaning towards is that we create another sub-domain (FOOI.FOOGROUP.NET) and migrate our domain into this. They are suggesting that we migrate into FOONT001 - and will ultimately be assimilated into FOO.FOOGROUP.NET. I'm trying to avoid the pain and suffering for our users of a double migration Reasons for separate domain: 1. Ease of migration - one step, at our pace - we "control" the sub-domain, so we control the migration. Consolidation into one domain at a later date would be relatively easy. 2. Ease of separation in the event we are sold off. We are an entirely separate business unit - and could be sold easily and at short notice. 3. Separate policies - as a part of our offshore status, we are sometimes subjected to different regulatory requirements. Based on my understanding, GP's are (to an extent) domain specific - so we could implement different password requirements for example, if required. Basically, does my argument seem sensible - or should we be looking to create an OU for us? Or something else entirely? Sorry for the long post - Any comments / suggestions / flames / help would be gratefully received - and I'd be happy to clarify anything. Thanks in advance Jack List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
