Merger



  • Company A and company B have merged and they want to become company C in a few months.
    Company A: 80 users – virtualised on ESXi, with scope to accommodate a lot more infrastructure; has a domain – Exchange in house – accounts package – 4 branch offices and other key apps.
    Company B: 60 users, virtualised on Hyper-V ( not much scope for expansion ); has the same as company A but only 3 branch offices, and they are in a separate location.
    Now a decision has been made that company B will move in to the same premises as company A, and company B will adopt some applications that company A uses for key functions like accounts etc.
    Now the two companies have separate AD – Exchange – domains – DHCP – remote desktops etc., and I am thinking about the best way of getting them working while causing as little disruption as possible.
    In normal circumstances I would have created a trust between the two domains, created a new domain and migrated the AD to the new domain, gradually moved the remote desktops, connected the branch offices and got them migrated in stages.
    This is not feasible, as they want to move and work as the new company in two months. I need to start getting things sorted so that they are ready for when they move company B in to company A.
    Any pointers on where to start?
    I.e. what can I do with the AD? Would it be wise to move both companies to a new domain, so that when we move the workstations they can log in to the new domain?
    Is there a way to get the two Exchange servers and mailboxes ready so that we can redirect emails to a single Exchange and point the MX records to that server?
    Company A points to remote desktop for some offices, company B points to remote desktop for some other offices; I would need to create a new remote desktop server ( but that implies that all the apps and services have been moved ).
    Is there a way of running two domains from the same office ( i.e. keeping company A and company B separate ) but in the same building?

    Thanks
    Stef



  • A single, new AD and moving everyone to it is painful but likely prudent. And get Office 365 and get their email and other stuff off premises ASAP. Sounds like two outdated IT departments that weren't being watched over too carefully spending money a bit recklessly.

    If they have experience with Hyper-V already, that's the likely better choice for them to be moving towards for their infrastructure consolidation.



  • @StefUk said:

    Is there a way of running two domains from the same office ( i.e. keeping company A and company B separate ) but in the same building?

    Yes, AD Domains are not related to networking. You can have unlimited AD on a single LAN.



  • @scottalanmiller said:

    You can have unlimited AD on a single LAN.

    Not that you should, but you can 🙂



  • @aaronstuder said:

    @scottalanmiller said:

    You can have unlimited AD on a single LAN.

    Not that you should, but you can 🙂

    Domain all the things!



  • @scottalanmiller said:

    Domain all the things!

    Agreed, but on 1 domain 🙂



  • @scottalanmiller

    O365 is not an option, as the DMS ( document management system, the core application ) doesn't integrate with it too well, so it's not an option at present.
    O365 would only address the email side, and I would still need to address the issue of moving premises and domain - AD - remote desktop - local computers, apps migration to company B etc ...
    s



  • @StefUk said:

    Is there a way to get the two Exchange servers and mailboxes ready so that we can redirect emails to a single Exchange and point the MX records to that server?

    That's actually quite easy, just set up the new Exchange (hopefully not on prem) and get it all ready. Point each MX there when ready. You don't have to do both at once, do one at a time.


  • Banned

    We do mergers all the time, as a very large company, and we are always buying up little guys doing neat stuff.

    #1 thing is, don't go too fast with the transitions. You never know what you are going to break; do it in stages. Set up a domain trust first to get things going (after initial inspection to check for virus production, security etc). Also, if you have a legal department, check with them. In many cases they will want DATA separation for 1-3 years for legal reasons.



  • Are remote apps in use currently? What about VPNs?



  • @Jason

    If we could, I would have suggested doing it slower, but they made all the pre-arrangements and I need to try and make it happen in two months. They are actually legal firms merging, so no need to call the lawyers 🙂
    They want to merge the data from company B to company A and work as company C; that's not a big deal, as I can get this sorted. It's the integration of all the other infrastructure and services that is making me twitch ..
    I'm thinking of "mirroring" the two as best as I can, then doing the big switch over a long weekend ..



  • @scottalanmiller said

    Sounds like two outdated IT departments that weren't being watched over too carefully spending money a bit recklessly.

    How did you reach that conclusion?



  • @scottalanmiller
    Remote app, you mean cloud based?

    Yea, each office has a VPN to connect the branch offices.
    Company A has 4 branch offices connected via VPN.
    Company B has 3 branch offices connected via VPN.

    they access the main apps and services via RDP



  • @Carnival-Boy said:

    @scottalanmiller said

    Sounds like two outdated IT departments that weren't being watched over too carefully spending money a bit recklessly.

    How did you reach that conclusion?

    ESXi for one... spending money or lacking capabilities in an SMB. We know the size of these companies, they are not big enough to even think about getting the advantages that VMware can offer at scale. The cost of VMware licensing to be useful would be larger than we would expect the entire budget for IT for a company of this size to be. It's an order of magnitude off in this case. We don't know every detail, but this one is extreme. Sure it might be lingering from long ago, but that means that either people have not been overseeing the spending for years, investing in technical debt and/or just letting things age.



  • @StefUk said:

    @scottalanmiller
    Remote app, you mean cloud based?

    No, just remote apps in the general sense.



  • @StefUk said:

    they access the main apps and services via RDP

    Then what is the purpose of the VPN? Why have a LANless design around app handling but then extend the LAN anyway? What's the goal and reason behind each?



  • @StefUk said:

    O365 is not an option, as the DMS ( document management system, the core application ) doesn't integrate with it too well, so it's not an option at present.

    Have you checked into this? What's causing this problem? Is this an outdated core dependency?



  • @Carnival-Boy said:

    How did you reach that conclusion?

    Dependencies on on premises email for another. The dependency is possibly real, but how did it happen?



  • @scottalanmiller
    Let's not start this .. this is not a character assassination on what could have been done better and why companies use certain technologies and not others .. you can create another post on best practices .. ( I'm sure we have a few ) 🙂



  • @scottalanmiller

    Yes, the legal industry is what it is ... no option to change the DMS systems.



  • @scottalanmiller
    I don't understand .. what you mean.
    VPNs are there to connect offices to the main office, where the main apps are hosted via RDP. Again, it is what it is .. at least they use the same way of connecting offices, RDP 🙂

    s



  • @StefUk said:

    @scottalanmiller
    Let's not start this .. this is not a character assassination on what could have been done better and why companies use certain technologies and not others .. you can create another post on best practices .. ( I'm sure we have a few ) 🙂

    I was asked why.



  • @StefUk said:

    I don't understand .. what you mean.
    VPNs are there to connect offices to the main office, where the main apps are hosted via RDP. Again, it is what it is .. at least they use the same way of connecting offices, RDP 🙂

    I understand that "it is what it is", but... why? I'm confused... is the goal here to "maintain the technical debt" in which case there is literally nothing to be done, just leave it all as it is. Or is the goal to "do the best thing going forward?" If the latter, then we must understand the reasoning and logic for the existing system to understand what makes sense to meet their needs in the future.

    If we ever say "let's not go into this" then the entire point of trying to recommend anything for them is pointless, the decisions are made and this is a farce. We have to examine their past and their needs in order to find out what is a good solution for them.

    So the question remains: what is the function of the VPN? Why does it exist? Does it have a purpose or is it just technical debt kept around because no one is evaluating needs until now?



  • @StefUk said:

    VPNs are there to connect offices to the main office, where the main apps are hosted via RDP.

    Would you add a VPN to look at a web site or get email? Why for RDP? I know that lots of companies do this, but I don't know why companies do this. More importantly, we don't know why these two do it.

    What if you find that the VPN is in the way and causing problems? Wouldn't it be good to remove it now rather than after money is spent due to a false assumption?



  • @aaronstuder said:

    @scottalanmiller said:

    You can have unlimited AD on a single LAN.

    Not that you should, but you can 🙂

    What is your reason for not? Not that I disagree, I just wouldn't be in a huge hurry to get rid of company B's setup.



  • @Dashrender said:

    What is your reason for not? Not that I disagree, I just wouldn't be in a huge hurry to get rid of company B's setup.

    The purpose of AD is authentication consolidation. If you have multiple AD, clearly some of that purpose is lost.



  • @scottalanmiller said:

    @StefUk said:

    I don't understand .. what you mean.
    VPNs are there to connect offices to the main office, where the main apps are hosted via RDP. Again, it is what it is .. at least they use the same way of connecting offices, RDP 🙂

    I understand that "it is what it is", but... why? I'm confused... is the goal here to "maintain the technical debt" in which case there is literally nothing to be done, just leave it all as it is. Or is the goal to "do the best thing going forward?" If the latter, then we must understand the reasoning and logic for the existing system to understand what makes sense to meet their needs in the future.

    If we ever say "let's not go into this" then the entire point of trying to recommend anything for them is pointless, the decisions are made and this is a farce. We have to examine their past and their needs in order to find out what is a good solution for them.

    So the question remains: what is the function of the VPN? Why does it exist? Does it have a purpose or is it just technical debt kept around because no one is evaluating needs until now?

    The site-to-site VPN is there as a way to connect the branch offices to the main office .. how do you suggest they connect to the main office to access the core applications? A cloud-hosted application is not an option.



  • @StefUk said:

    The site-to-site VPN is there as a way to connect the branch offices to the main office .. how do you suggest they connect to the main office to access the core applications? A cloud-hosted application is not an option.

    I never suggested another means or cloud in any way (other than email.) What I asked is, or what I meant to ask is... why are the offices connected? VPN is a great way to connect offices, but what we have not heard about is why they are connected. We've seen that they use RDP which you use, in most cases, because you don't want to connect the offices. So you have one piece, RDP, that would exist "because you don't have a VPN" and another, VPN, that exists for the opposite purpose.

    I'm not suggesting that this is bad, I'm just stating that we have no idea based on the description what the VPN is used for as the only thing we see it used for is its alternative, not its pairing.

    Like saying that they have to have a truck but they drive a car everywhere. Then when I ask why they have a truck you say "well how else do they drive to the other office?" Well, I was assuming that that is what the car was for. Make sense?



  • We could ask in another way, given that they chose a VPN to connect the offices, why is there RDP? What is the VPN not handling well that has made them feel the need to have redundant connection technologies back to the main office?



  • I'll restate Scott's comment my own way.

    Do you have PCs at those branch offices that run applications locally but access resources that are at the main branch?

    If yes - why? You've already told us that you have RDP - why are you using both?

    RDP itself can be/is secure and doesn't require VPN for connectivity to the main location. This is the LANless design Scott is talking about. You don't need a secure local network to use RDP, because RDP itself provides its own security, so why waste the time, energy and money on VPN if you don't need it?
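
An added example (not part of the thread) for the point about RDP carrying its own security: a PowerShell check of the standard RDP-Tcp listener registry values that decide whether Network Level Authentication and TLS are enforced on a session host. The host names and sample values are constructed, and the pass/fail thresholds are assumptions of this example.

```powershell
# Added example, not from the thread. Value names are the standard RDP-Tcp listener
# settings; the thresholds below are this example's assumptions.
function Test-RdpListenerSettings {
    param([Parameter(Mandatory)] $Settings)

    $findings = [System.Collections.Generic.List[string]]::new()
    # UserAuthentication = 1 means Network Level Authentication is required.
    if ($Settings.UserAuthentication -ne 1) {
        $findings.Add('NLA is not required: the logon screen is reachable before authentication.')
    }
    # SecurityLayer: 0 = legacy RDP security, 1 = negotiate, 2 = TLS only.
    if ($Settings.SecurityLayer -ne 2) {
        $findings.Add('SecurityLayer is not 2: sessions can fall back to legacy RDP security.')
    }
    # MinEncryptionLevel: 1 = low, 2 = client compatible, 3 = high, 4 = FIPS.
    if ($Settings.MinEncryptionLevel -lt 3) {
        $findings.Add('MinEncryptionLevel is below 3 (High).')
    }
    return $findings
}

# Constructed sample values for two hypothetical session hosts (not real data).
$samples = [ordered]@{
    'rds-a.example' = @{ UserAuthentication = 1; SecurityLayer = 2; MinEncryptionLevel = 3 }
    'rds-b.example' = @{ UserAuthentication = 0; SecurityLayer = 1; MinEncryptionLevel = 2 }
}

# On a real session host, add its live listener settings to the report.
$listenerKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
if (Test-Path $listenerKey) {
    $samples[$env:COMPUTERNAME] = Get-ItemProperty -Path $listenerKey
}

foreach ($name in $samples.Keys) {
    $findings = @(Test-RdpListenerSettings -Settings $samples[$name])
    if ($findings.Count -eq 0) {
        Write-Output "$name : OK (NLA required, TLS only, high encryption)"
    } else {
        $findings | ForEach-Object { Write-Output "$name : $_" }
    }
}
```

Group Policy can set the same values under `HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services`, and those take precedence over the listener key, so check both on domain-joined hosts.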

