Client: United Colleges Group (UCG)
Sector: Education (College of Further Education)
Key Technologies: Active Directory, Azure Active Directory, Microsoft 365, Excahnge Server, ADMT
Services Provided: Strategic Consulting, Domain Migration, Office 365 Migration, IT Support
Merge infrastructure for two large colleges with circa 20,000 users
Build new Active Directory forest and domain
Migrate and merge users, groups, computers and group policy objects
Retain existing login names and IDs
Zero downtime
United Colleges group was formed through the merger of two diverse colleges, College of North West London (CNWL) & City of Westminster College (CWC).
UCG Management were keen to rapidly merge the two colleges together from an IT perspective to reflect the new organisation.
We had a complex set of requirements that needed to meet the needs of two separate colleges and the requirements of the management of the new group. Carbon Cloud understood these and were able to help us navigate the range of options available to us and helped guide design decisions throughout the process
Paul Hardman, City of Westminster College
UCG Management were keen to rapidly merge the two colleges together from an IT perspective to reflect the new organisation.
The two colleges had developed independently over a number of years and the IT environments reflected this. Both colleges were running Exchange Hybrid infrastructures with individual tenancies.
One of the key requirements (due to the number of IT accounts & Users) was to ensure that all Users could login throughout the project with their existing email address/login names with no change in experience before, during or after migration.
There were many AD-integrated applications and server workloads that required auditing to ensure that authentication would work throughout.
Carbon Cloud was engaged to conduct a full audit of the existing systems and to make recommendations for the new AD design.
Both colleges had independent IT staff and operations and the Carbon Cloud consultancy team were required to ensure that the solution was a good fit for both colleges.
From the initial audit activity it was apparent that the two diverse environments were complex with many dependencies. The main challenge was to ensure authentication was reliable and secure throughout using existing login names (even through the AD domain was changing). Through pilot testing, Carbon Cloud quickly established that this would be achievable (albeit unsupported by Microsoft) by ensuring that any authentication requests would be serviced by the new domain for new users, with existing users redirected to their existing logon domains via trust relationships. In conjunction with bespoke Powershell scripting, we were able to migrate many hundreds of users in batches, using the scripting to manipulate AD objects to reflect the requirements (depending if the User mailbox was on-prem/O365).
Wayne Emerson, Carbon CLoud
Following the initial audit activity, Carbon Cloud produced a design document to present and discuss with the wider IT team. Through the course of many discussions where the pros & cons of each solution were explored, it was agreed that a Single Forest, Single Domain model would be the most manageable moving forward, even though there were many 10’s of 1000’s of AD objects.
Carbon Cloud built the new domain infrastructure from scratch, including DNS and then migrated the entire existing domain structures (from 5 x AD domains) into a single OU structure. Group policy objects were exported and imported and applied to the imported OU structure. This was to ensure that when Users were migrated they would retain their existing configuration from group policy. In addition, a new OU structure was created for the post-migration activity of merging OU’s together.
There were many other considerations including large-scale VDI environments in both colleges, both organisations were in an Exchange Hybrid configuration which meant “bending the rules” throughout migration to achieve sign-on with existing logins.
