different active directory trusts and the prerequisites - Microsoft Q&A (2024)

Hi There,

due to historic reason, our company exists of 2 different domains. let' say A.com and B.com, B.com current integrated with O365 and Microsoft AAD. but A.com is an local and used for A site user's authentication. A.com has a subdomain called sh.a.com. Right now we want to merge A to B or use domain trust relationship to do bidirectionally trust in between A.com and B.com to contribute to work collaboration both side. My question would be:

1. Merge A.com to B.com or do trust relationship between A and B which is the best choices. what is the Pros and Cons of both solutions ?
2. as now A.com has lost of some credentials like forest admin and recovery password and etc. by previous IT he created one sub domain called. sh.A.com. and now we have the administrator information only of sh.A.com this subdomain. will this impact the domain trust between A.com and B.com ? what is the prerequisites for a successful domain trust ?
3. Any great tooling for the domain merge which will not cause of downtime where we're able to merge A.com users and security groups whatever to B.com. and after migration the users still able to login via his previous accounts and password and nothing changes ? or make a lowest impacts to users and applications like Devops integrations, NFS share folders and etc. ?

Thanks very much for your answers.