I am in the position of facilitating the separation of two institutions and need to develop the new AD server for the new institution.

Currently our parent institution maintains & controls our AD system and is not very cooperative in separating our data.

We have an R&D network set up outside of the main campus network where we have a WS2012 Datacenter installation functioning as the AD server. What I am trying to devise is a way to sync my institution's data from the parent institution's AD server(s) so as to populate our AD server.

The parent institution does not want to set up replication as we do not need/want the parent institution's AD data, just our own.

The other part of this idea/problem is syncing the passwords in the parent institution's AD system for my AD users into my new AD system. We use Google Apps for Education for students & employees and would like to take over our own Google2AD syncing, as the parent institution is very hard to coordinate with for time on their AD system, as they won't even give us access to it at a user level higher than a regular user.

Any ideas???