Solved

add a send domain

Posted on 2001-08-24
6
161 Views
Last Modified: 2010-04-13
my office is running win2k server with active directory installed

our primary domain is say abc.com
and it works fine

Now I want to add an 2nd domain say xyz.com

I added but I try to ping xyz.com

unknown host

what any settings I missied ?
0
Comment
Question by:adrianmak
6 Comments
 
LVL 5

Expert Comment

by:matt023
ID: 6424214
First off, according to your description, you had created a new forest instead of a new domain within the same forest.  I'm not sure how big or complex your company is, but this is not usually the way even for many enterprise sized organization.  What you should have done was created an xyz.abc.com child domain.  
Second, do you have an A resource record for xyz.com defined in DNS?  Are the 2 domains registered with all the DNS servers that your clients use?  
0
 

Author Comment

by:adrianmak
ID: 6424231
how to create a child domain in win2k ?

we only have one dns in office
0
 
LVL 25

Accepted Solution

by:
dew_associates earned 20 total points
ID: 6424318
The process of creating a child domain is quite similar to that which you used when promoting your first Windows 2000 member server to the initial root domain for your network. To add a child domain, do this:

1. If you have an OU in the parent domain with the same name as the child domain you intend to create, change the OU?s name.

Note:You receive a misleading ?Directory service is busy? error message during the server promotion process if a parent domain OU has the same name as the child domain. A similar error message appears if you attempt to create a new OU in the parent domain with the same name as that of a child domain. The problem is a duplication of Relative Distinguished Names (RDNs), which Knowledge Base article Q240147, ?Cannot Create an Organizational Unit in the Parent Domain with the Same Name as a Child Domain in Windows 2000,? explains. For this example, you can rename the Students OU in the oakmont.edu domain to Student. Changing the Students OU name prevents adding more student accounts with GroupPol. Alternatively, specify Student as the child domain name in step 7.

2. Verify in the DNS page of the Internet Protocol (TCP/IP) Properties dialog of your network connection that the Preferred DNS Server text box contains the IP address of the parent domain?s DNS server.

3. Run Dcpromo.exe to start the Active Directory Installation Wizard and click Next to bypass the Welcome dialog.

4. In the Domain Controller Type dialog, select the Domain Controller for a New Domain option and click Next.

5. In the Create Tree or Child Domain dialog, select the Create a New Child Domain in an Existing Domain Tree option and click Next.

6. In the Network Credentials dialog, type your user name and password for your Domain Admins account in the parent domain and change the Domain entry, if necessary. Click Next.

7. In the Child Domain Installation Dialog, accept or change the Parent Domain value and type the Child Domain name. As you type, the Complete DNS Name of New Domain text box displays the full childdomain.parentdomain.ext value: students.oakmont.edu for this example. Click Next.

8. In the NetBIOS Domain Name dialog, accept the default or change the NetBIOS name (STUDENTS) used by downlevel clients; then click Next.

9. In the Database and Log Locations dialog, accept the default folders, unless you have a reason to change them, and click Next.

10. In the Shared System Volume dialog, again accept the default unless you want to put Sysvol on another drive. Click Next.

11. If you don?t need to support Windows NT Remote Access Service (RAS) on servers or assignment of Windows 2000 users to Windows NT resource server groups in a mixed-mode domain, select the Permissions Compatible Only with Windows 2000 Servers option. Otherwise, accept the default Permissions Compatible with Pre-Windows 2000 Servers option, which grants the Everyone group permissions for specific folders and other objects that ordinarily restrict access to members of the Authenticated Users group. Click Next.

Don?t select the Permissions Compatible Only with Windows 2000 Servers option until you?ve upgraded all Windows NT resource servers to Windows 2000. Knowledge Base articles Q257988, ?Description of Dcpromo Permissions Choices,? and Q257942, ?Error Message: Unable to Browse the Selected Domain Because the Following Error Occurred...,? describe the consequences of selecting this option. You can?t change the option you select in this dialog without demoting the DC and starting over.

12. In the Directory Services Restore Mode Administrator Password dialog, type and confirm the password to use to remove the domain or administer it with the Ntdsutil.exe command-line utility; click Next.

13. In the Summary dialog, review your settings and then click Next to start the AD installation and child domain creation process, which takes more than the advertised ?several? minutes on moderate-speed servers.

14. Reboot the new DC for the child domain and log on with Enterprise Admins credentials.

15. Launch Active Directory Domains and Trusts, click to expand the parent domain node, right-click the child domain node, and choose Properties to open the childdomain.parentdomain.ext Properties dialog. The target (child) domain must run in native mode, so click Change Mode to make the domain ready for the move with ADMT.

16. Install ADMT on the DC for the child (target) domain. Download instructions are in the ?Easing Restructure and Migration with ADMT? section of Appendix C.

17. On the child DC, launch the Domain Security Settings snap-in from Administrative Tools and navigate to and select the Windows Settings\Security Settings\Local Policies\Audit Policy node.

18. Double-click the Audit account management policy to open the Security Policy Settings dialog. Mark the Define These Policy Settings, Success, and Failure check boxes and click OK to apply the policy.

19. Repeat steps 17 and 18 on the parent domain DC. Account management auditing is required for ADMT operations on user accounts in both domains.
Adding a child domain automatically adds a Dynamic DNS (Active Directory-integrated, DDNS) primary forward lookup zone for the child domain to the parent domain?s DNS server. When users move to the child domain, DHCP doesn?t need to assign their Primary DNS Server to the child domain server?s IP address.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 10

Expert Comment

by:HDWILKINS
ID: 6425399
adrianmak  - Let me get back to the question.  You said "I added but I try to ping xyz.com - unknown host"

All of the above may be correct, but if you can't ping the other server - you can forget about connecting to the domain.

Please explain what the hardware setup is.  Where are the two domains located.  Same building or remote.  Are there routers or firewalls involved?  I think you need to deal with basic connectivity before anything else.

HW






0
 

Author Comment

by:adrianmak
ID: 6425554
please note that the domain I mentioned is not MS windows domain but a Internet domain dns that I am going to serve Internet guys
0
 
LVL 25

Expert Comment

by:dew_associates
ID: 6425560
Do we take this to mean that your are building an internet information server? As much info as possible would help!
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this step by step tutorial with screenshots, we will show you HOW TO: Enable SSH Remote Access on a VMware vSphere Hypervisor 6.5 (ESXi 6.5). This is important if you need to enable SSH remote access for additional troubleshooting of the ESXi hos…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now