Posted this on another board to look for comments I guess I have a weird "scenario." Work for a 25 member financial company. The company itself has two "arms", a research side and a financial trading side. Mgmt is requesting that IT wise, some chinese walls now have to be established between the analysts and the traders (they never really communicated before regardless). However, I have the following issue: 7 users are on the research side, 5 users are on the trading side, and kicker is that the remaining 13 are support staff that have to do stuff with both arms. Now, when I say "separate", basically each side will have it's own Exchange e-mail server (which will be logged, and put on WORM for compliance purposes). I guess the problem is that for the support people, only one exchange box can be open at once... Trying to plan out an active directory structure. Logistically, the more separate the two companies are, the better, but cost is a major issue as well. In addition, the support staff have to be able to access both companies effortlessly. This is what I was planning -- please respond with any comments/critiques, suggestions, or better ideas: one main domain for logins, that is company neutral. a separate domain with email server for one arm, and the same for the other arm. The main domain will have trust relationships set with both arms, so that people logging in can access the email server. Originally, was thinking of having two totally separate domains for both arms, but the problem is the people that are mutual to both parts... so that's why I decided to use a neutral login domain for all users (for a total of 3 domains). Is this a dumb idea? Wanna kill these ads? We can help!