• Status: Solved
  • Priority: Medium
  • Security: Public

Child domain replication question

Hi, I've started work at a company that has an AD forest with 4 child domains within that forest.

I've not come across child domains before, and I was wondering about replication.

In AD Sites it shows the child domains' DCs replicating with the forest root DCs. I thought that each domain would only replicate with DCs within its own domain?

If I look in DNS, DNS servers in each child domain list zones for other child domains, and each zone shows AD integrated and replication to all DNS servers in the AD forest.

So does each DC in the child domain replicate only the DNS data to other DCs in the whole forest, and not user/computer objects?

3 Solutions
I thought that each domain would only replicate with DCs within its own domain?

Do you have multiple trees in the forest?

Krzysztof Pytko, Active Directory Engineer, commented:
Domain Controllers replicate data (Active Directory partitions) with other Domain Controllers in a domain and in a forest.
Some of them are only replicated within a particular domain and some within the forest to other domains.

Please check that:

The Domain partition is replicated only between DCs within this particular domain. User/computer/group objects are stored there. So, if it's only replicated within a particular domain, it cannot replicate those objects to other domains in a forest.

The Configuration and Schema partitions are replicated forest-wide to all DCs in the whole forest. But there are no user/computer/group objects there.

For more about Domain Partition, please read this MS article at

For DNS zone replication, please review these MS articles. They describe this process better than I could.
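
To see on a live forest which partitions replicate where, as the answer above describes, this added example (not part of the original thread) reads the crossRef objects under CN=Partitions and labels each naming context by replication scope. It assumes the ActiveDirectory RSAT module and a domain-joined session with read access; the scope labels are wording chosen for this example.

```powershell
# Added example: list every naming context in the forest with its replication scope.
# Assumes the ActiveDirectory module (RSAT) and read access to the Configuration partition.
Import-Module ActiveDirectory

$rootDse  = Get-ADRootDSE
$configNC = $rootDse.configurationNamingContext
$schemaNC = $rootDse.schemaNamingContext

# crossRef systemFlags bits (MS-ADTS): 0x1 = NC hosted in this forest, 0x2 = domain NC
$FLAG_CR_NTDS_NC     = 0x1
$FLAG_CR_NTDS_DOMAIN = 0x2

$query = @{
    SearchBase  = "CN=Partitions,$configNC"
    SearchScope = 'OneLevel'
    LDAPFilter  = '(objectClass=crossRef)'
    Properties  = 'nCName', 'dnsRoot', 'systemFlags', 'msDS-NC-Replica-Locations'
}

Get-ADObject @query | ForEach-Object {
    $nc    = $_.nCName
    $flags = [int]$_.systemFlags

    $scope = if ($nc -eq $configNC -or $nc -eq $schemaNC) {
        # Configuration and Schema: held by every DC in every domain of the forest
        'Forest-wide: every DC in the forest'
    } elseif ($flags -band $FLAG_CR_NTDS_DOMAIN) {
        # Domain partition (users, computers, groups): full replicas only inside the domain
        'Domain only: DCs of this domain'
    } elseif ($flags -band $FLAG_CR_NTDS_NC) {
        # Application partition, e.g. ForestDnsZones / DomainDnsZones for AD-integrated DNS
        $replicas = ($_.'msDS-NC-Replica-Locations' | Measure-Object).Count
        "Application partition: $replicas enlisted DC(s)"
    } else {
        'External cross-reference (not hosted in this forest)'
    }

    [pscustomobject]@{
        NamingContext = $nc
        DnsRoot       = ($_.dnsRoot -join ',')
        Scope         = $scope
    }
} | Sort-Object Scope, NamingContext | Format-Table -AutoSize -Wrap
```

In a forest like the one in the question, the forest-wide DNS application partition is the row that explains why child-domain DCs show replication links to forest root DCs.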

Amitabh Singh, AWS Certified Solution Architect | L3 IT Specialist for Cloud, commented:
Hi paulo999
In simple terms, the domain controllers are as follows:

Domain controller and additional domain controller:
will replicate all AD objects and DNS information across the full domain.

Child domain controller: a CDC is a sub-domain, or in other words you can call it a branch office of the domain. It has its own AD partition (meaning it will not replicate user, computer, shared folder, etc. objects with the domain).

Example: you have a domain called google.com and a sub-domain called uk.google.com. In this scenario, if you create a new user on google.com it will not be visible in uk.google.com, and the same goes for uk.google.com. Both servers will have separate AD partitions.

Note: on both domains you will have a separate administrator account, but a member of the Enterprise Administrator group will have access to both the DC and CDC networks and is able to change anything like an administrator!
paulo999, Author, commented:
Thanks for the info. That's how I thought it worked but I wanted some clarification
Krzysztof Pytko, Active Directory Engineer, commented:
You're welcome :)

