After setting up a test domain and child domain, i now know what its
supposd to look. I just have one more question, and i think i know the
answer just want to confirm.
I setup the child domain and it has its own AD/DNS (child.domain.com).
Should the child domain point to the parent domain's IP address, in the
TCP/IP properties first, then itself, or to itself first and then the
parent domain's IP Aaddress. I think it should point to itself first.
Thanx
Thanx, Dmitry for clearing that up. I opened AD Domains & trusts. The
domains are listed one after the other,
on the same level. So i guess that they are not in the same forest.
When i right click each of them, they have a tansitive trust setup. The
"relationship" field under each says "Tree root" and there is no
company.com.
So is it now safe to say that these are two different domains in
different trees in different forets?
Thanx again
Ah, ok, you might mean AD Users& Computers.
Open AD Domains&Trusts to see entire hierarchy of your forest. If
these domains are displayed separately, then you have a forest with
two trees, one with "web.company.com" as the root and another
"msswl.company.com". This is possible, of course.
Note that the name of the root domain in the first tree of your forest
is also the name of your forest itself. So from the name of the forest
you can tell which domain has been installed first.
Another possible option is that you will see "company.com" as the root
with two child domains, web.company.com and mssql.comany.com.
--
Dmitry Korolyov [
[email protected]]
MVP: Windows Server - Directory Services
In active directory.
I have two DCs for mssql domain which have the mssql.company.com.
Then i have two DCs for web domain, which show web.company.com in AD.
But no where can i find company.com
So does this mean that these two are different domains, with the same
domain name?
message Where do you "see" two domains web.company.com and sql.company.com?
--
Dmitry Korolyov [
[email protected]]
MVP: Windows Server - Directory Services
Yeah I see what you mean. Will go with one domain instead of the
old plan. I was just trying to figure out why the company would
need two domains. That whole thing confused me.
I still dont get how they set it up. I see two domains
web.company.com and sql.company.com but i dont see company.com
anywhere. So i think they setup seperate domains, and made it look
like a contiguous namespace.
so infact its not a tree its just two entirely different domains
which happen to have the same domain name.
Or am i wrong, is there a way to confirm this?
Thank you
message According to the information you've provided, there is no need to
create two domains. You can use one domain just fine.
Basically you will create more than one domain only if its really
needed, e.g. you have different password policies for different
group of users. You don't have such requirements. So I'm just not
getting why do you want to use two domains instead of one. Every
additional domain mean additional administrative overhead, which
should be avoided of possible.
--
Dmitry Korolyov [
[email protected]]
MVP: Windows Server - Directory Services
The setup is for a webhosting provider. One domains i going to be
for MSSQL and the other for WEBSERVERS.
So the two domains will be mssql.company.com and
webservers.company.com.
We already have one setup like this. Now i have to set this up in
another location. The thing is i can't find company.com in active
directory.
So im trying to figure out how the first domains (company.com)
was setup.
In AD i only see two domains mssql and webservers. How is it
possible that these were setup without company.com. Thats where
im having trouble. the person who set this up is not here
anymore. So i need to figure out how to set this up. When i run
dcpromo I have to setup company.com first, i dont see any way
around this. Unless he setup mssql.company.com and
webservers.company.com as two seperate domain.
Any ideas as to how to check if these are the same domain. or if
they are complately different domains with same names?
message
You do not have to specially "associate" DCs with a domain. When
you promote
a server to a DC, you configure it to be a DC for the domain you
specify.
What do you mean by "separating according to functionality"? Do
you really
have the reason to have more than one domain?
--
Dmitry Korolyov [
[email protected]]
MVP: Windows Server - Directory Services
:
Thank you Dmitry.
What i wanted to know is how to accosiate the domain name with
domain
controllers. Hope i'm making sense.
So is the steps i took in the previous post the correct way
logically to
install the DC's?
e.g DC1 and DC2 will be in company.com
DC3 and DC4 will be child1.company.com
DC5 and DC6 will child2.company.com
All the domains will be in the same location. Just seperating
then according
to functionality.
message
First you should distinguish between the logical and physical
design for
AD
and plan them separately. Note that separately does not mean
independently
here
Plan your logical design first, i.e. how many forests do you
need, how
many
domains in a forest and do you need or not to have more than
one domain
tree
in a forest. Single-domain model is ok for most cases, and
you should have
some requirements (such as different password complexity
requirements for
different users) for having more than one domain.
Assuming from your post, you may be ok with the only single
domain,
company.com.
Then, plan the physical design according to the number of
your offices,
their locations and available network bandwidths/costs, and
number of
users/servers/workstations in each office. A very simple rule
would be to
create a separate site for each office. Then, sites do not
have to have
names
in any way related to the names of your domain(s).
So, if in your example you have two offices, create two sites
for these
offices.
After you have finished with your planning and design, you
may start
installing DCs. Probably the easiest solution would be to
install the
first
DC, then install the OS on a number of additional to-be DCs
according to
your
needs. Then you can perform a system state backup on the
existing DC, and
send a copy of this backup with prepared servers to all
remote offices. In
the remote office, this backup can be used with dcpromo
command to install
the DC and populate its AD data from the backup, instead of
pulling it all
from the existing DC at the main office over an expensive
and/or slow WAN
link. Only the rest of the data (changes made since that
backup) will be
replicated over WAN.
--
Dmitry Korolyov [
[email protected]]
MVP: Windows Server - Directory Services
:
company.com
|
---------------------------------
| |
site1.company.com site2.company.com
How would i set this up, physically i mean?
Does company.com have to have its own physical domain? or
can i install
my
first DC in site1.company.com?
Here is what i was thinking of doing. First i would setup a
DC at
site1.company.com, but install it as company.com. Now i have
the
company.com
domain. Then i would install the backup DC. After that i
would install a
third DC and join it to company.com as site1.company.com and
then install
the back up.
Site1 is on a different subnet, I would install the 5th DC
and join it to
the company.com domain as site2.company.com.
Is this correct or do i have it all wrong?
Are there other ways to do this? Does anyone have a snapshot
of how this
would look in the AD computers and users tool.
Sorry for all the questions, learning now to setup AD.
Thank you
