Antonia,
Yes! You have it now. You have the abc.com domain / tree / forest ( as it
is the first domain in the forest it is called the forest root ) and the
FQDN of each computer account is going to be the computer name ( dc1 and dc2
in your example ) followed by the DNS name of the domain ( abc.com in your
example ). In essence, the most left 'name' is going to be the name of the
computer account and everything else is going to be the domain name. Put
another way - the computer account name is the name in front of the first
"." and everything else is the domain name.
You can create your user accounts on any DC in the appropriate domain. In
WIN2000 all domain controllers are created equally ( well, .... ). You can
sit down at dc1 and create 15 user accounts and then 20 minutes later sit
down at dc2 and create another 10 user accounts and all 25 user accounts
will exist.
Active Directory follows the Multi-Master mode; thus, there is no more
PDC/BDC concept like we had in WINNT 4.0 where the PDC had the only writable
SAM. In WIN2000 Active Directory the actual file is called ntds.dit and all
Domain Controllers 'synchronize' their ntds.dit database via Active
Directory Replication ( Intra-Site / Inter-Site ). Thus, if you created
the 15 users on dc1 and were to immediately sit in front of dc2 and look in
the ADUC you might not see those newly created 15 user accounts. Give it a
few minutes ( 15 minutes tops ) and those 15 user accounts would indeed be
there. Same goes for those 10 user accounts that you created on dc2.
You really would not need a child domain - unless there is something that
you are not telling us. To gain closure on this issue, let's just say that
there was a compelling reason for you to create a child domain ( say the
finance department wanted, no, demanded on having a strong password policy
but your other people were dead set against that as they would have a hard
time remembering the passwords ).
You would take a new WIN2000 Server and run dcpromo on it. Now, you would
do the opposite of what Conrad was suggesting: you would create a new dc in
a new domain. Again, remember that we are creating a child domain for the
sake of this example. When all was said and done, you would have something
like finance.abc.com as the child domain of abc.com. So, the FQDN of any
computer accounts ( including Domain Controllers ) would be
xxxxxx.finance.abc.com. Let's say that you called the Domain Controller in
this child domain 'Greed'. The FQDN would be greed.finance.abc.com.
Does this help you?
Cary
"Antonia Jasper" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi conrad
>
> So am I right to say
>
> If my first dc FQDN is (dc1.abc.com) then the second dc FQDN should be
> (dc2.abc.com).
>
> Which DC should I create my user account info and configure my client to
log
> on ?
>
> "Conrad Lawes" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > There is no reason to create a child domain especially in a small
> > organization. All your domain controllers can join the root domain.
> >
> >
> > "Antonia Jasper" <(E-Mail Removed)> wrote in message
> > news:Oo%(E-Mail Removed)...
> > > Hi conrad,
> > >
> > > I'm puzzle how to confirgure my second DC.
> > >
> > > should i place it under the child domain of my root domain
> > > (abc.com)
> > >
> > > My orgainstaion is very small only about 50 user. I don't think it is
> > > necessary to have another domain tree.
> > >
> > > I 'm just wonder If my root doamin die off then what will happen to
> those
> > > child domain under it.
> > >
> > > Can my worksation still be able to log on if I initially configure all
> > > workstation to log on to the root domain.
> > >
> > >
> > >
> > > "Conrad Lawes" <(E-Mail Removed)> wrote in message
> > > news:%(E-Mail Removed)...
> > > >
> > > > In a Windows 2000 domain there is no primary or backup domain
> > controller.
> > > > All domain controllers are equal. They can all handle user
> > authentication.
> > > >
> > > > So as long as you have 2 or more domain controllers running there is
> > > nothing
> > > > that you have to do.
> > > >
> > > > I would advice you to do more research of Windows 2000 Active
> > Directory
> > > to
> > > > gain a better understanding of Windows 2000 domain controllers and
how
> > > they
> > > > operate.
> > > >
> > > >
> > > >
> > > >
> > > > "Antonia Jasper" <(E-Mail Removed)> wrote in message
> > > > news:emv#(E-Mail Removed)...
> > > > > In NT 4 there is a BDC for the user to log on in case the pdc die
> off.
> > > > >
> > > > > How about in WIN 2k , if I want the same concept to have a second
> > server
> > > > > actting as a DC to authenticate the logging on process when the
> first
> > DC
> > > > die
> > > > > offf.
> > > > >
> > > > > 1. What should I do ?
> > > > >
> > > > > 2. How should I design my two DC DNS name space if my first
root
> DC
> > > > > domain name space is :"abc.com"
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
|
Similar Threads
