We currently have a forest of aa.local, and under that a domain of bb.aa.local, due to administrative changes I would like to move the bb.aa.local domian into its own forest, naming isn't essential, but bb.local would be an ideal.
There are 1500 users, 800 XP based PCs, 4DCs in the bb.aa.local domain, plus 20 other assorted servers (file servers, terminal Servers, Altiris) most Servers are 2003/R2 and one 2008 server.
Domain controllers are running as DC/DNS/DHCP/WINS but not for file storage. There is a 2003 Exchange server that is also integrated with the domain and forest and is part of a mixed 2008/2003 exchange administrative group, and this would need to be seperated out.
The forest is at 2008 functional level, forest (aa.local) DCs are a mixture beteen 2008 and 2003. The bb.aa.local domain is mostly Server 2003.
Where do we start with this, and what woud the process be?
This is something that's not going to be easy, however, Microsoft has developed a tool to make the process easier. The tool is called ADMT (Active Directory Migration Tool). The process will involve utilizing this tool to move the domain to a new forest, although I'll note that the tool copies objects to the new forest and the objects will continue to exist on the existing domain until deleted. I'm linking this wonderful technet article here because this is a very advanced process and you'll want to be well versed in the best practices Microsoft outlines as well as getting a good understanding of the potential complications and nuances of the tool (which there are too many for me to outline).