Child Domain Replication

[blubomber]

i have just setup a child domain in my forest. There was already a child
domain that still remains. If i look at the replication setup, the new child
domain is set to replicate with both the parent DCs and the other childs
DCs. Do the child domains need to be replicating with each other or can in
remove the link? Thank you.

 

[Chriss3]

The child domains dose not necessary need to replicate with each other
directly but I don't see any reason why not, the Domain Partition are unique
for each domain, How ever Configuration Partition and Schema Partition have
to be replicated to all Domain Controllers in the forest. I recommend you to
leave the replication topology as it are created by the KDC Service.

 

[blubomber]

I understand that it is best to have the replication there, but the new
child domain is on a VPN connection and i dont want to loose too much
bandwidth due to replication over the VPN.

 

[Chriss3]

Blubomber, the Domain partition dose not replicate forest wide, This means
the domain partition only replicates to domain controllers in the particular
domain. The Configuration Partition and Schema Partition are replicated to
all Domain Controllers in the forest. The Domain partition contains all
users and objects you create in the particular domain. This is way you can
create a child domain for replication boundary.

 

[blubomber]

Thank you for the replies Chriss3. Here is my problem. The new child domain
is setup through a VPN connection. the new child domain has no problems
getting pings to the parent domain but pings to the current child domain go
unanswered. If i trie to ping from the current child to the new child, i
still get no answer. I have gone through AD sites and services and Domain
trusts and there is no trust setup between the two child domains. I tried to
setup the trust but got an error saying that no logon server for the domain
could be reached. I am assuming that this is because no IP traffic is going
between the child domains. I am also getting error logs on the new child DC
indicating that it is having trouble replicating. so, if i remove the trusts
between the two child domains, will each get the information they need from
the parent domain?

I am still working on why i cannot get any communication between the two
childs, but i am not sure if it is necessary.

 

[Chriss3]

Hello again! I can't answer if its necessary, because I don't know the
current replication topology KDC have created for you. You should look if
there are any reported replication problems, if not you don't have to care
about to bring up link across the child domains. Install Windows Server
Support Tools from Windows Server CD, run the command line based tool
repadmin with the syntax below.

repadmin /showreps /v

it will report any replication errors.