Hi all,
One company want to redesign its AD architecture based on locations(us/cn), subcompany(sub1,sub2,sub3,sub4). The subcompany domains(ussub1/cnsub1, ussub2/cnsub2) need trust in US/CN locations. Here are some plans and I need to choose the best one. Can
someone give some suggestions on them? (like on cost/security/exchange,etc) Thanks.
1. Just create one tree (company.com) which contain subcompany domain (sub1.company.com,sub2.company.com), separate locations by AD site. But US/CN domain will managed by different IT team.
2. Create two tree (uscompany.com, cncompany.com) in one forest and create domain shortcut trust between subcompany domains (sub1.uscompany.com, sub1.cncompany.com) though there are tree-root trusts by default.
3. Create two trees in different forest and create forest trust/external trust.
4. Create several trees (subcompany) in one forest which contain subcompany location subdomains.(us.sub1company.com, cn.sub1company.com)
5. Other plans on this scenario with the least forest/tree/domain numbers.