Share via

Splitting Child forest from Main forest will that impact SharePoint 2013 or 2016 On-premises environment?

RajKumar 86 Reputation points
2024-03-18T16:40:16.19+00:00

We have a scenario where existing child Forest users want to separate from the Main forest and have their own dedicated AD. The plan is to migrate all the objects from the main DC/DN to a dedicated domain/AD. Because these two companies have split.

The issue is that we have SharePoint 2013 and SharePoint 2016 on-premises environment. Because the DN will change and a dedicated AD, Do I need to re-configure User Profile sync?

If yes, will it impact all the permissions and workflows?

How can we make sure the account will still work as it is even after the split from main Forest?

Note: We will still carry SID history. Only Child Forest users have access to these two environments

Microsoft 365 and Office | SharePoint Server | For business
Microsoft 365 and Office | SharePoint | For business | Windows
0 comments
Accepted answer
  1. Xyza Xue_MSFT 30,176 Reputation points Microsoft External Staff
    2024-03-19T02:45:35.03+00:00

    Hi @RajKumar ,

    Thank you for posting in this community.

    If you are migrating child forest users to a dedicated AD, you need to reconfigure User Profile sync in SharePoint 2013 and 2016 on-premises environments. Changing the DN could impact permissions and workflows, so it's important to plan accordingly. However, if you carry SID history, This allows migrated accounts to access resources without interruption. The accounts should still work as they did before the split from the main forest.

    Reference:

    Maintain user profile synchronization settings in SharePoint Server

    Overview of profile synchronization in SharePoint Server 2016

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. RajKumar 86 Reputation points
    2024-03-21T14:08:51.3866667+00:00

    with the Intra Forest that we are planning, we got to know that we cannot carry SID history. and the other issue is that we are going to change the DN instead of using their old Parent one, now new segregated domain will have it's own proper DN.

    Which means I need to re-apply permissions after user profile sync across all the sites? @Xyza Xue_MSFT

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.