Hi
You have many choice if you want segregate AD objects of each group companies:
- Keep the same forest and domain , you create A Organisation Unit for each companies to separate objects , set delegation for each OU . The member of domain admins have permission to manage all domain objects.This design is recommended in order to simplify the active directory infrastructure in case where have only one team to manage the active directory of all companies group. You don't need to migrate objects to another domain
- Create new forest with multiple child domains, each company will have its own child domain. It can be useful if each company has its own team to manage its domain,and you don't need to create manually trust between child domains, the trust between child and parent domain will be created automatically Only members of domain admin in root domain can have permission on all child domains, and you need to migrate objects to target domain.
- Create a forest for each company, create trust between all forests if need it, in this design each company can manage its own forest if it has its own team. You have to migrate object to target domain (using admt tools for exemple).
Please don't forget to mark this reply as answer if it help you to fix your issue