Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

domain tree in an existing forest - DNS config

Status
Not open for further replies.
IceBall

IceBall

Instructor
Mar 26, 2003
37
0
0
SE
Hi!
I have a AD domain (contoso.com) and now I want to install a new domain in a new tree (tree.com) in the same forest.
The new domain controller (dc2.tree.com)is going to run its own DNS.
questins:
1. How does dc2.tree.com find contoso.com when I run dcpromo?
2. how does dc1.contso.com find tree.com (cant use delegatin?)

Give med tips and step to make this work!
/IceBAll


MCSE+I NT 4.0
MCSE w2k
 
Sort by date Sort by votes
You want to create a new regional domain in an existing forest. When you run DCPROMO and choose to "create a new regional domain in an existing forest" you will be asked for the name of the forest root DNS server. That will allow you to join the forest and will put your new domain's information in the forest Global Catalog database.

ShackDaddy
 
Upvote 0 Downvote
I dont think I follow there.
"create a new regional domain in an existing forest" does not exist in dcpromo, its "create a new domain in an existing domain tree" and "create new domain tree in an existing forest". The later was my plan.

"you will be asked for the name of the forest root DNS server" you say. I dont think I will be asked for that. I will be asked for the root DOMAIN. So my question was: How will I find the root domain when DC does not know where to ask for the root domain...

/IceBall


 
Upvote 0 Downvote
Sorry, that was a lame answer.

I don't think you want to have DNS Server running on the would-be tree.com DC when you run DCPROMO. Since even running DCPROMO requires you to be logged in as a user with Enterprise Admin rights, you will want your pre-DC system to be able to authenticate properly, which means it needs to be able to find a GC. To do this, it should be pointed, as a client, at the forest root DC's. I believe that you can run DCPROMO this way and that the proper zone will be created for the new tree.com domain. You could then add DNS on the new server later and make the zone AD-integrated.

Perhaps you could install DNS on the server before the upgrade and configure it to forward queries to the forest root DNS server. Alternately, you could configure the server to keep a secondary zone of the forest zone file locally, that way it could properly find the appropriate server to make LDAP queries to.

Hopefully this actually makes a bit of sense.

ShackDaddy
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
144
suncit
suncit
goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
190
goombawaho
goombawaho
ravalos
  • Question
Problem with PDFs in IIS
Replies
1
Views
246
gbaughma
gbaughma
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
119
Aquiles Vidal
Aquiles Vidal
MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
80
ADB100
ADB100

Part and Inventory Search

Sponsor

Back
Top