Q: We have just merged with another company that has five offices in Europe. We are running a Windows 2000 AD domain...
and they are running NT4 that covers all the offices. We have some applications they need to use and they have some we need but security is an issue as another company is supporting their network.
I would like to know what other companies are doing in this situation with regards to Active Directory with mergers and different countries involved and the best way to set this up also for email processing (Exchange 2000).
A: In cases where there are significant security differences between merged companies, you will want to create separate domains. Even if the European domain is NT 4.0, you can still establish a trust relationship with the other domain. Using a trust does not imply rights on the other domain. So, each entity (you and the other company) can control who has access to resources within your domain.
If the other company can upgrade to Windows 2000 and AD, life will be much easier. Windows 2000/NT 4.0 domain trusts can problematic at times. Establishing good names resolution between the domains will be important; keep in mind Windows 2000 focuses on DNS while NT 4.0 leverages mostly WINS. You may need to utilize LMHOST entries on the Domain Controller from each domain to insure proper resolution until everyone is on Windows 2000 and leveraging DNS.
Related Q&A from Paul Hinsberg
Need to take an in-place upgraded PDC offline to rebuild it and use the second and third freshly-built 2003 DCs to handle services? Our expert ...continue reading
One admin wants to know if he can run DCPROMO on a Windows Server 2003 machine while the root domain is on Windows 2000.continue reading
A new admin's Active Directory is in utter chaos. Here's what our expert suggests.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.