Active Directory Forest Trust Permissions to create

Anonymous
2020-12-17T12:02:17.203+00:00

Hello Folks,

Our Scenario: 1 forest and 1 domain and we are dividing it in two companies so we are preparing new forest and new domain.

I have a question we are creating active directory forest trust between two companies and i would like to know what permissions we need to create a successful trust.

  • User Account rights and permissions to create a trust between two companies

Once creating a trust we have tom migrate the users,groups and computers from other domain so what permission are required to delegate a user to migrate the objects.

  • ADMT tool will be used to migrate the objects.

Appreciate your feedback !!

Regards,
Arif

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,898 questions
Windows Server Management
Windows Server Management
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Management: The act or process of organizing, handling, directing or controlling something.
421 questions
Windows Server Migration
Windows Server Migration
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Migration: The process of making existing applications and data work on a different computer or operating system.
408 questions
0 comments
Accepted answer
  1. Youssef Saad 3,401 Reputation points
    2020-12-17T12:34:40.81+00:00

    Hi anonymous user,

    1. To setup the Trust between two forests, you need either a user member of Enterprise Admins or Domain Admins of the root level, or, you can delegate the rights to a simple user.
    2. You can check the following guide: Active Directory Migration Tool (ADMT): Your Essential Guide

    Regards,

    Youssef Saad | New blog: https://youssef-saad.blogspot.com
    Please remember to ** “Accept answer” ** for useful answers, thank you!

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Fan Fan 15,291 Reputation points Microsoft Vendor
    2020-12-18T00:46:35.747+00:00

    HI,
    To set the up the trust between the forest , the user need the administrative privilege, you either use the member of Domain Admins or members with delegated permissions.

    To run the ADMT, users need to be the member of domain admins in both the source forest and target forest. You may decide to create a user specifically for the ADMT Migration, or you may use an existing user e.g. the default administrator account.

    Best Regards,