DNS/Active Directory Domain Question

I have domain1 running on server1(the DC for that domain)

I have a 2000 Member server running DNS and DHCP for the same domain.

I am going to be adding a second domain, and am planning on using the same DNS server (new domain, same tree and forest).

If I add the DNS server to domain1 as a DC, is there a problem with using it for the second domain?  Would it be better to just join the DNS server to the domain, and not promote it to a DC?  Also, once I authorize the DHCP server, will it be able to give ip addresses to both domains?

thanks!
Scott
LVL 5
scottman29Asked:
Who is Participating?
 
Netman66Connect With a Mentor Commented:
Yes on all counts.

You're better off with DNS on each domain - there's not much overhead.

You can use the one DNS server, but you will have to create the zone manually since it won't be AD Integrated.  You will also need to set it to Secure and Unsecure dynamic updates or the child domain members won't register.



0
 
rafael_accConnect With a Mentor Commented:
I have to admit that I am not sure. What I can think of instead is that you shouldn't have problems if the dns is not AD integrated. However, you could also use the second domain controller as the dns server for the second domain which I think is better. The purpose of AD domains is to create a sort of security boundary. Having said that, why would you want to use a dns server for a domain and that dns server to belong to another domain!? It doesn't make much sense, does it?

Regarding the dhcp .... it actually depends. When a potential dhcp CLIENT requests an address, the first dhcp server that gets the packet would honour that request. Also, you could have a single machine, joining multiple domains ... So having a single dhcp server serving two domains, doesn't look to me as there would be any problem ...

Cheers
0
 
scottman29Author Commented:
I would have to say I agree that DHCP shouldn't be a problem serving the 2 domains.  The DNS, well I'm going to keep it as a separate member server for now.  The reason why I've split the network into 2 domains is because we are a school and I am keeping the Staff separate from the Students.

I think I will need to research the DNS issue a bit more because I don't really want to maintain 2 DNS servers.

Thanks for all your help.

Scott
0
 
rafael_accCommented:
Why don't you set up some nice folder level permissions access?

Cheers
0
 
scottman29Author Commented:
oh there will be that as well.  With High School and Middle School students though, you never know if they will try to hack the servers... :(
0
All Courses

From novice to tech pro — start learning today.