How to Add a new domain in an offshore office to an existing Windows 2003 Active Directory?

Posted on 2007-10-10
Last Modified: 2012-05-05
We have a WIndows 2003 Active Directory with single domain (Domain A) in North America. Domain A has two Windows 2003 Domain Controllers and one of DC has DNS, DHCP, Global Catalog and FSMO on it. The subnet is (Network A) We have a firewall with VPN for this network.

We will build a brand new domain (Domain B, Netowork B in an offshore in Asia with a new Windows 2003 domain controller. We will install DNS/Wins/DHCP on this new domain controller and let it act role of FSMO and Global Catalog.  A new firewall with VPN will be setup on this network.

We'd like setup site-to-site VPN connection between headoffice (Network A) and offshore office (Nework B). We will also want to allow users in Domain B have access to Domain A and certain folders on file servers among two neworks can be replicated automatically.

How can we add this new Domain B to an existing Windows 2003 Active Directory? How can we realize it?


Question by:vijitc
    LVL 13

    Assisted Solution

    Point the network properties DNS settings to the current AD DNS.  Make sure your connectivity is good.  When you run dcpromo, join the existing forest.
    LVL 48

    Expert Comment

    LVL 48

    Accepted Solution

    What you need, once your vpn is up, is to create a forest trust between the two domains, this will alow access through.
    That is if you are choosing to go a multiple domain environment...

    I would also advise using conditional forwarding for DNS so that requests for each domain are sent to the right place

    Much better off adding an additional DC though in the remote site and configuring AD sites and services

    DNS Server in each site, GC in each site, and away you go, replicating central AD

    This as a whole is no small task, but we can help you through the whole thing

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    I know all systems administrator at some time or another has had to create a script to copy file from a server share to a desktop. Well now there is an easy way to do this in Group Policy. Using Group policy preferences is not hard. The first thing …
    Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    25 Experts available now in Live!

    Get 1:1 Help Now