Domain merge

[Guest]

Hi,

My company has just acquired a new company. We have a windows 2000 domain
and use Lotus Domino and they have a windows 2000 domain and exchange 2000.

Unfortunately they have a very complex telephony system that runs on 2
member servers.

I would like to merge the new company's domain into our windows 2000 domain
without affecting their exchange 2000 config which runs on their single DC.

I'm assuming I can't use ADMT because of the exchange server and I have read
that demoting the server then promoting it into our windows 2000 domain is
not recommended!

This leaves me a bit lost! I would like for the users to keep their exchange
mailboxes and the computer accounts for the member servers which deal with
telephony. As there aren't many users to deal with I'm fine about creating
new accounts and even bringing their workstations into the domain manually.

If I took PST’s for the exchange 2000 users and removed exchange would I
then be able to use ADMT to move the DC from the acquired company into our
windows 2000 domain?

I look forward to any advice.

Many thanks

Greg

 

[Ken B]

I haven't done this, but is creating trusts between the two domains not
possible? That should bring you the best of both worlds, allow them to keep
their exchange org, you with your lotus, and their telephony staying 'put'

Ken

 

[Herb Martin]

My company has just acquired a new company. We have a windows 2000 domain
and use Lotus Domino and they have a windows 2000 domain and exchange 2000.

Unfortunately they have a very complex telephony system that runs on 2
member servers.

I would like to merge the new company's domain into our windows 2000 domain
without affecting their exchange 2000 config which runs on their single

DC.

There is no way to technically merge (or graft) domains or to graft
domains onto an existing forest.

Your choices include:

1) External Trusts between the domains (just like NT domains)
2) Migrate all users/computers from one domain to the other

#1 doesn't work well for complex forests but is fine for 2-a_few domains.

For large forest cooperation, Forest trusts are possible but only if
EVER DC in both forests is running Win2003 and you enable Windows
2003 forest functional level.

I'm assuming I can't use ADMT because of the exchange server and I have read
that demoting the server then promoting it into our windows 2000 domain is
not recommended!

Well, that is fine for moving a server, but it does nothing for the users.

This leaves me a bit lost! I would like for the users to keep their exchange
mailboxes and the computer accounts for the member servers which deal with
telephony. As there aren't many users to deal with I'm fine about creating
new accounts and even bringing their workstations into the domain

manually.

You could combine a migration with the a trust from you now "user domain"
to you "telephony-email" domain.

If I took PST's for the exchange 2000 users and removed exchange would I
then be able to use ADMT to move the DC from the acquired company into our
windows 2000 domain?

I look forward to any advice.

 

[Ryan Hanisco]

Greg,

Is the phone system Cisco Unity and Cisco Call Manager? If this is the case
there are a huge number of things to take into account here. Write me back
and I can go into those if that's the case (copy my e-mail address and I'll
post back to the group.) You may actually have other options if the company
you've acquired is small (again let me know).

You can't demote and promote their server as you'll lose their information.
ADMT is really your best option. This will let you move the users and
permissions to your server and keep the SIDs in place so they'll still be
able to access their resources in the old domain.

Then you need to worry about the resources (Exchange and the phone system.)
Most phone applications that have integration with e-mail, talk to exchange
rather than anything else. While you probably want them on one system for
ease of management, you may not have a choice if you want to keep the
e-mail/ AD integration. I would use the MS e-mail migration docs and
install the Domino connectors. This way they are all on your mail system
and can access their stuff from there. The Exchange server can stay in
place handling the phone integration and forwarding to domino. If you can
sacrifice the phone integration, then down the exchange box, and reconnect
the phone system to the OU or child domain you have migrated the users to in
the parent company. Them WIPE the old box and repurpose it.

This is a major undertaking and very sensitive. If you have never done ADMT
before or Exchange migration, this is a good time to outsource rather than a
good time to learn. Look for an Integration firm with migration experience,
don't just hire a local "windows guy" . The risks are high and the cost
will be lower in an outsource than the learning curve and potential risk.
If you do go it alone, stage this and test EVERYTHING before you do it on a
production system.