Yes, I agree with that and in fact tried this… I know that is the most suitable option. But I have not been able to solve my replication issue.
My OU or site that will have a site-specific GPO will need to be created at the PDC and then it will be replicated to the additional DC. I want to avoid this constant replication.
My domain is installed with Exchange Server, which I want to retain (or mess with it as a last option).
Am I missing something? Please suggest…
Yes, I even had a look at AD Fed after you suggested it; it doesn't look like the solution I am looking for.
Let me explain the situation:
1> We have an Exchange server and AD at the head office.
2> We have a branch office where most of the users sit and work.
3> Both the branches are connected by VPN.
4> All I want is no dual logins, so users will not have to deal with more than one password, and managing the policy at the local level with minimum replication so as to avoid burden on the Exchange server…
As you have said, I have tried a parent domain and child domain in a forest with writable trust, but in that case user authentication from child to parent was not happening. Also, I had tried PDC and additional domain, but it replicates both users and GPOs. I don't know what a federated domain is; any links or suggestions will be very helpful and appreciated…