I'm in a unique situation after our company was acquired by a private equity firm and we're merging with another business. We have a solid IT infrastructure, but the incoming company prefers not to keep our existing domain name. We currently use Okta for two-factor authentication and have a Microsoft Tenant in place. I'm reaching out to see if anyone has experience setting up a new AD domain from scratch. I'd prefer not to rename our existing domain, as I believe that could lead to complications. Any tips or lessons learned would be greatly appreciated!
4 Answers
Consider adding another UPN suffix in Active Directory; it’s especially useful for seamless migrations. It allows users to log in with their new address `user@new_upn.tld`, and trust me, renaming the principal can create a lot of unnecessary issues.
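An added PowerShell illustration of the UPN-suffix approach described above (it is not code from the answer's author). It assumes the RSAT ActiveDirectory module, an Enterprise Admins account, the placeholder suffix `new_upn.tld` taken from the answer, and a placeholder search base `OU=Users,DC=old,DC=tld` that you would adjust to your own OU layout.

```powershell
# Added example, not from the answer above. Assumes the ActiveDirectory
# module (RSAT) and an account in Enterprise Admins. 'new_upn.tld' is the
# placeholder from the answer; the SearchBase OU is also a placeholder.
Import-Module ActiveDirectory

$newSuffix = 'new_upn.tld'
$forest    = Get-ADForest
$oldSuffix = $forest.RootDomain

# 1. Register the new UPN suffix at the forest level; skip if already there
#    so the script can be re-run safely.
if ($forest.UPNSuffixes -notcontains $newSuffix) {
    Set-ADForest -Identity $forest.Name -UPNSuffixes @{Add = $newSuffix}
}

# 2. Select only users still carrying the old suffix, scoped to a user OU
#    so service accounts elsewhere in the tree are not touched.
$users = Get-ADUser -Filter "UserPrincipalName -like '*@$oldSuffix'" `
                    -SearchBase 'OU=Users,DC=old,DC=tld' `
                    -Properties UserPrincipalName

# 3. Dry run first: -WhatIf prints each change without applying it.
#    Remove -WhatIf once the preview matches expectations.
foreach ($u in $users) {
    $newUpn = '{0}@{1}' -f $u.SamAccountName, $newSuffix
    Set-ADUser -Identity $u -UserPrincipalName $newUpn -WhatIf
}

# 4. After the real run, anything listed here still needs attention.
Get-ADUser -Filter "UserPrincipalName -like '*@$oldSuffix'" |
    Select-Object SamAccountName, UserPrincipalName
```

Because Okta and the Microsoft tenant match users on the synced UPN, the new suffix should be a verified domain in the tenant before the bulk change, or sign-in identities will drift from the directory.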
I highly recommend against renaming the existing domain since it usually leads to more headaches than benefits. Instead, set up a new AD domain while keeping the old one running for a bit. Then, you can do a staged migration for your users, devices, and applications. Using Okta with M365 will definitely help ease the transition.
Let's be real, the most effective strategy is often the least exciting—side-by-side migration. Create a new forest and domain, and establish a trust relationship. Migrate users, devices, and applications gradually. The real time sink is fixing all the certificates, service accounts, permissions, and other bindings referencing the old name. Okta and M365 will handle sign-ins, but you'll still need to do a lot of backend cleanup.
From what I remember, if you had Exchange, renaming the domain is typically a no-go. For a new setup, deploy two new VMs, demote one from the old domain, and promote it into your new domain. Set up a trust, then migrate users, groups, and services. When we did this years ago, we mirrored the old group structure in the new domain and slowly transitioned users. It was a bit of a puzzle, but it worked.