DNS/Active Directory Domain Question

Posted on 2006-06-20
Last Modified: 2010-04-18
I have domain1 running on server1(the DC for that domain)

I have a 2000 Member server running DNS and DHCP for the same domain.

I am going to be adding a second domain, and am planning on using the same DNS server (new domain, same tree and forest).

If I add the DNS server to domain1 as a DC, is there a problem with using it for the second domain?  Would it be better to just join the DNS server to the domain, and not promote it to a DC?  Also, once I authorize the DHCP server, will it be able to give ip addresses to both domains?

Question by:scottman29
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 11

Assisted Solution

rafael_acc earned 125 total points
ID: 16945368
I have to admit that I am not sure. What I can think of instead is that you shouldn't have problems if the dns is not AD integrated. However, you could also use the second domain controller as the dns server for the second domain which I think is better. The purpose of AD domains is to create a sort of security boundary. Having said that, why would you want to use a dns server for a domain and that dns server to belong to another domain!? It doesn't make much sense, does it?

Regarding the dhcp .... it actually depends. When a potential dhcp CLIENT requests an address, the first dhcp server that gets the packet would honour that request. Also, you could have a single machine, joining multiple domains ... So having a single dhcp server serving two domains, doesn't look to me as there would be any problem ...

LVL 51

Accepted Solution

Netman66 earned 125 total points
ID: 16946872
Yes on all counts.

You're better off with DNS on each domain - there's not much overhead.

You can use the one DNS server, but you will have to create the zone manually since it won't be AD Integrated.  You will also need to set it to Secure and Unsecure dynamic updates or the child domain members won't register.


Author Comment

ID: 16950685
I would have to say I agree that DHCP shouldn't be a problem serving the 2 domains.  The DNS, well I'm going to keep it as a separate member server for now.  The reason why I've split the network into 2 domains is because we are a school and I am keeping the Staff separate from the Students.

I think I will need to research the DNS issue a bit more because I don't really want to maintain 2 DNS servers.

Thanks for all your help.

LVL 11

Expert Comment

ID: 16951287
Why don't you set up some nice folder level permissions access?


Author Comment

ID: 16951397
oh there will be that as well.  With High School and Middle School students though, you never know if they will try to hack the servers... :(

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question