Parent - Child Domain

D

Dan Pinkham

I am thinking of implementing a child domain to my existing domain. My
domain currently has one Domain Controller. I have another machine that i
will use as another DC in the proposed child domain

What is the procedure for creating a Child domain please? During the
creation of the child, i will use the existing dc as my primary dns server,
but after that i have had problems. What is the procedure please regarding
child domain, dns issues please?
 
E

Enkidu

Dan said:
I am thinking of implementing a child domain to my existing domain. My
domain currently has one Domain Controller. I have another machine that i
will use as another DC in the proposed child domain

What is the procedure for creating a Child domain please? During the
creation of the child, i will use the existing dc as my primary dns server,
but after that i have had problems. What is the procedure please regarding
child domain, dns issues please?
Click to expand...
If you have only one DC, you almost certainly don't need a child Domain.

Why do you think that you need a child Domain?

Having a single DC Domain is dangerous. Having a single DC parent Domain
and a single DC child Domain is more than dangerous.

Cheers,

Cliff
 
D

Dan Pinkham

Cliff, i understand your points..need a different password policy on child
domain - also would like advice on the procedure as have got it wrong
previously..luckily in test environment

Proper procedure for a child domain regarding DNS etc. would be great

Regards

Dan p
 
K

Kevin D. Goodknecht Sr. [MVP]

Dan Pinkham said:
Cliff, i understand your points..need a different password policy on
child domain - also would like advice on the procedure as have got it
wrong previously..luckily in test environment

Proper procedure for a child domain regarding DNS etc. would be great
Click to expand...


Here it is, but I agree with Cliff, having one DC is one thing, having
parent/child DCs with only one DC in each, is dangerous, if the parent
domain fails, you've got an orphaned child DC with no parent and no forest
root domain.
You'd be much better off making the machine into a replica DC.

255248 - HOW TO Create a Child Domain in Active Directory and Delegate the
DNS Namespace to the Child Domain
http://support.microsoft.com/default.aspx?scid=kb;en-us;255248&sd=RMVP
 
A

ANIXIS

Dan said:
Cliff, i understand your points..need a different password policy on child
domain - also would like advice on the procedure as have got it wrong
previously..luckily in test environment
Click to expand...

Dan, there are third-party products that allow you to enforce multiple
password policies within a single domain. You can also write your own
password filtering DLL, however I would only recommend this if you have
a good understanding of C and systems programming.

Our product is called Password Policy Enforcer, and it allows you to
assign policies to users, groups, and OUs. You can read more about it
at http://www.anixis.com/products/ppe/features.htm
 
E

Enkidu

OK, what I've seen suggested, if you cannot stretch to a second server
class machine is to take a workstation class machine, stick a DC on it,
and make it a GC and put it in a corner somewhere. If you can. Think of
it as isurance.

Cheers,

Cliff
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

child domain logging to parent domain 1
remove the last/only DC in a Child domain 2
Cannot add as child domain 1
Domain consolidation and decommission child domain in ActiveDirectory Windows Server 2003 3
Child Domain Authentication 1
setting up child domain in w2k3 1
Cannot Ping DC in child domain by dns 1
Child Domain DNS 2

Top