Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 793
  • Last Modified:

Is the first domain created in active directory always the Forest Root?

When creating the first domain in active directory, it is set as the forest root.

Can a second domain created after the first be converted to now act as the forest root.

For example:

Domain 1: test.ad.example.com

Domain 2: ad.example.com
0
elchermans
Asked:
elchermans
  • 2
1 Solution
 
Mike KlineCommented:
No unfortunately  you can't  change the root
0
 
MaheshArchitectCommented:
You cannot restructure forest root domain, its by design

However you can have tree root domain which will be having different name space in same forest

You can use the domain rename process to reposition any domain in the domain tree hierarchy of a forest, with the exception of the forest-root domain. Remember that although you can rename the forest root domain (you can change its DNS and NetBIOS names), you cannot reposition it in such a way that you designate a different domain to become the new forest root domain.

http://technet.microsoft.com/en-us/library/cc738208(WS.10).aspx

Mahesh.
0
 
N-WCommented:
You can reposition any domain in the forest except for the forest root domain. Although you can't reposition the forest root domain, you can rename it.

So if you haven't already created "ad.example.com" (or you can delete it), you could rename your forest root domain to be "ad.example.com" and then create the child domain "test.ad.example.com".
0
 
MaheshArchitectCommented:
There are limiting factors as well you must be aware before proceeding domain rename

If you have Exchange 2007 \ 2010 deployed, you simply cannot rename domain

Domain rename is supported in a forest in which Exchange Server 2003 with Service Pack 1 (SP1) is deployed. However, domain rename is not supported in an Active Directory forest in which Exchange 2000 Server is deployed. When the domain rename tool detects this condition, it will not proceed with the domain rename process.

Also if you have any AD integrated applications where domain name is hardcoded (very rare case) , those applications will not work after rename

Mahesh.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now