How to combine two Active Directory domains [closed]

I have two Windows 2008 R2 AD servers.

The first, xyz.com, is in a large city with fast internet. There are approximately 12 users.

The second, foo.xyz.com, is in the middle of the bush on a satellite link. There are approximately 20 users.

The two servers are not connected to each other in any way.

I have a third office in a small town with slow internet access. I will soon be adding a server in that office, which has 7 users.

My goal is to combine all of them somehow and set up DFS.

I'm inexperienced in AD management and looking for guidance. I would like to start with connecting my two current servers.

Thanks


Solution 1:

You use ADMT (Active Directory Migration Tool) for restructuring and merging domains. However, with your lack of familiarity with AD (sorry, I don't mean to sound condescending), and given how long it would take you to learn ADMT, and how few users you have, the quickest thing for you to do would probably be to just migrate all the workstations into a new domain manually.

Edit to elaborate some more - I would suggest USMT (User State Migration Tool) for migrating user profiles over to the new domain, but as with ADMT, its usefulness really shines in large migration projects. For a small number of users, you could probably just use Windows Easy Transfer to transfer user profiles. Even if migrating user profiles isn't even essential to you, it will probably make your end users happier and would be an easy win for you.

Solution 2:

What are you trying to solve with DFS? And how would you like to "combine" them?

I'm making an assumption that these domains are in separate forests since they are not currently connected in any way. If you want to do DFS replication, you will not be able to do so across forests.

If you want a single namespace for DFS and have users access files in the other domains, you can do so without DFS and set up trusts. You will probably want to set up a site-to-site VPN in order to ensure that the trust remains in place.

You could look at migrating the multiple domains into a single domain (either a new one or into an existing one). You might still have other issues with the sites depending on the stability of the internet links, and you would still need to set up either a private network separately or over VPN tunnels.

Bottom line, if you don't know enough about AD at this point, you may want to find a good consultant to work with you on all the pros/cons of all the various options and find a solution that works best for you (and do some knowledge transfer along the way).