Active Directory Forest Trust Permissions to create

Question

Hello Folks,

Our Scenario: 1 forest and 1 domain and we are dividing it in two companies so we are preparing new forest and new domain.

I have a question we are creating active directory forest trust between two companies and i would like to know what permissions we need to create a successful trust.

• User Account rights and permissions to create a trust between two companies

Once creating a trust we have tom migrate the users,groups and computers from other domain so what permission are required to delegate a user to migrate the objects.

• ADMT tool will be used to migrate the objects.

Appreciate your feedback !!

Regards,
Arif

Answer 1

Hi anonymous user,

1. To setup the Trust between two forests, you need either a user member of Enterprise Admins or Domain Admins of the root level, or, you can delegate the rights to a simple user.
2. You can check the following guide: Active Directory Migration Tool (ADMT): Your Essential Guide

Regards,

---

Youssef Saad | New blog: https://youssef-saad.blogspot.com
Please remember to ** “Accept answer” ** for useful answers, thank you!

Answer 2

HI,
To set the up the trust between the forest , the user need the administrative privilege, you either use the member of Domain Admins or members with delegated permissions.

To run the ADMT, users need to be the member of domain admins in both the source forest and target forest. You may decide to create a user specifically for the ADMT Migration, or you may use an existing user e.g. the default administrator account.

Best Regards,