We have an AD forest with a "empty" root domain, let's refer to it as root.local, and a subdomain, child.root.local. Our Exchange 2016 CU15 server is located in the child domain, and is the hybrid server for our Exchange Online mailboxes. The Exchange Server (in child.root.local) and Schema Master role holder (in root.local) are in the same Site. This Exchange server was setup by a third party, who left no documentation on setup.
My account is in the root.local Schema and Enterprise Admin groups, as well as the Organization Management group.
When running setup.exe for CU20, we receive messages indicating account permission issues, mailbox roles not found, etc. I assume this is due to the multi-domain and requires PrepareSchema and/or PrepareAD to be run first.
Question is: Do I need to run /PrepareDomain switch for the root and child domain after running /PrepareAD in each? And when and where (root or child) do I run the /TenantOrganizationConfig switch (and is it necessary for a CU install?)?