We have a single AD forest with two domains, as follows:
Domain A:
- Contains nearly 30 servers (7 physical and 23 VMs), all hosted on Microsoft Hyper-V server
- Nearly 500 active user accounts
- A huge file server with 3 TB active data on nearly 4000 share folders
- A DHCP server that serves around 100 VLANs is a member of this domain
- Two domain controllers in domain A are running on W2k12R2 with highest domain and forest functional level
- Almost all critical servers are located in this domain, apart from the print server, which is located in domain B
Domain B:
- Contains two domain controllers in domain A are running on W2k12R2 with highest domain functional level
- A print server is located in this domain and contains around 150 network printers
- Nearly 4000 user accounts (nearly 2000 are active)
- A huge file server with 5 TB of data on nearly 2000 share folders
General information
- Domain A is the forest root domain
- In summary, we have four virtualized domain controllers running on W2K12R2
- All servers (for both domains) are part of a single VLAN and we use Microsoft Network Policy Server for dynamic VLAN on domain controllers
- Dynamic VLAN will be used for wireless devices like phones
- Now the management forced us to create a single domain with a new name and merge both domains (create domain C in a brand new forest)
My plan is to promote a new W2K22 server to a domain controller, then the second one, and enable a bidirectional forest trust between both forests so that both domains can operate normally and ensure work continuity
Install the AD migration toolkit on both domains and start migrating to domain C gradually
My questions:
Is creating a new VLAN necessary for domain C, or is it OK to have both forests, the old and the new one, in the same VLAN? Because if I create a new VLAN for domain C, the network people have to do lots of work, since we heavily rely on firewalls for VLAN interconnecting.
How can I migrate the DHCP server? I can't see this part.
Any ideas or help will be appreciated.