setting up first child domain

[alpha88]

My company has recently merged with another company. Therefore I'm setting up a child domain to our parent domain. I would like to know a few things about setting up a child domain. First of all I would like to know about dns servers. Does the child domain use the dns servers of the parent domain or should I set up its own dns server? I assumed it had to use the dns servers of the parent domain because when I went to create an account in active directory. I recieved an error that there was know global catalog server to verify the uniqueness of the username, but when I entered the parent domains dns servers in I did not recieve this error.

 

[redwhip]

It can have it's own DNS server so long as you setup a forwarder to be the parent domain DNS server.
It needs to be able to find the SRV records somehow.

 

[alpha88]

So basically I can have primary and secondary dns servers is my child domain. Of course these servers will perform queries for the child domain. Than I will set forwarders to the parent domain this will allow for resources to be located in the parent domain. I was trying to do option 1 in the making the dns connection section of this article

http://techrepublic.com.com/5100-6268-1048141.html

can you tell me what you think of what the author stated in option 1. The way you explained it made since because thats how I have our domain set up now for internet access. If the client computer can't resove on the local dns server than the internet request is forwarded to our isp's dns servers. Now I'm assuming that I will also have to set up some type of trust between the child domain and the parent domain?

 

[redwhip]

This article seems to be unavailable.

You won't need to setup a trust as the child domain will be in the same AD forest and therefore a two way transitive trust will be automatically setup.

You just run dcpromo tell it to create a new domain in an existing tree, tell it the name of the parnet domain and give it a name. So long as it finds the SRV records of the parent domain it will work - Hence the need to use a forwarder. Your isp's DNS server may know about your domain name but they won't have a clue about it's SRV records. Only the parent domain's DNS server does.
You can also add the isp DNS servers as 2nd forwarders if you want.

Best to have a DNS zone for the child doman setup before you run dcpromo and have that zone set to allow dynamic updates.

Ideally you should point the new DC to itself for DNS before running dcpromo. It might tell you it can't find your domain but you can ignore that it always seems to work anyway.

 

[cpb72]

As the other gentle said you don't need to setup any trust.For dns server you will use the parent dns server and for load balancing you can list an alternate dns server if you have one in your network.That is simple.Thanx Babul

 

[redwhip]

Who is babul?

 

[Doyler1]

Similar problem for me, I have one parent and four Childs with transitive trust between all domains. I try to add my Enterprise account to the child domain admins account but its all greyed out. Also I cannot browse to these domains but I can UNC to them.

Am I missing something?

 

[redwhip]

I would have thought that you would need to add the domain admin user to the enterprise admin group not the other way round. Do this from a DC in the root domain logged on as Enterprise admin.
I'm not sure about the browsing. Is MS file and print sharing (ports 135-139 etc) enabled/allowed across the WAN?