DNS/Active Directory Domain Question

Posted on 2006-06-20
Last Modified: 2010-04-18
I have domain1 running on server1 (the DC for that domain).

I have a 2000 Member server running DNS and DHCP for the same domain.

I am going to be adding a second domain, and am planning on using the same DNS server (new domain, same tree and forest).

If I add the DNS server to domain1 as a DC, is there a problem with using it for the second domain? Would it be better to just join the DNS server to the domain, and not promote it to a DC? Also, once I authorize the DHCP server, will it be able to give IP addresses to both domains?

Question by: scottman29
LVL 11

Assisted Solution

rafael_acc earned 125 total points
ID: 16945368
I have to admit that I am not sure. What I can think of instead is that you shouldn't have problems if the DNS is not AD integrated. However, you could also use the second domain controller as the DNS server for the second domain, which I think is better. The purpose of AD domains is to create a sort of security boundary. Having said that, why would you want to use a DNS server for a domain and that DNS server to belong to another domain!? It doesn't make much sense, does it?

Regarding the DHCP ... it actually depends. When a potential DHCP client requests an address, the first DHCP server that gets the packet would honour that request. Also, you could have a single machine joining multiple domains ... So having a single DHCP server serving two domains doesn't look to me as if there would be any problem ...

LVL 51

Accepted Solution

Netman66 earned 125 total points
ID: 16946872
Yes on all counts.

You're better off with DNS on each domain - there's not much overhead.

You can use the one DNS server, but you will have to create the zone manually since it won't be AD Integrated.  You will also need to set it to Secure and Unsecure dynamic updates or the child domain members won't register.


Author Comment

ID: 16950685
I would have to say I agree that DHCP shouldn't be a problem serving the 2 domains.  The DNS, well I'm going to keep it as a separate member server for now.  The reason why I've split the network into 2 domains is because we are a school and I am keeping the Staff separate from the Students.

I think I will need to research the DNS issue a bit more because I don't really want to maintain 2 DNS servers.

Thanks for all your help.

LVL 11

Expert Comment

ID: 16951287
Why don't you set up some nice folder level permissions access?


Author Comment

ID: 16951397
Oh, there will be that as well. With High School and Middle School students though, you never know if they will try to hack the servers... :(

Question has a verified solution.
