Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 541
  • Last Modified:

Should I do a Child Domain or just a Domain

We have an existing server at one of our branch offices that needs to be joined to the Primary Domain at our main office.  Example:(Main office...192.168.1.1 - Branch office...192.168.2.1) we are running VPN between the two.  Should I set the server at the branch office as a child or as a additional domain and please direct me to a good article on how.  This is a Windows Server 2008 environment.  Thanks
0
PowerC280
Asked:
PowerC280
3 Solutions
 
Radhakrishnan RITCommented:
Hi,

I would suggest to add as a child domain. Create a new child domain when you want to create a domain that shares a contiguous namespace with one or more domains. This means that the name of the new domain contains the full name of the parent domain. For example, sales.microsoft.com would be a child domain of microsoft.com. As a best practice, you create new domains as children of the forest root domain.

You can use this procedure http://technet.microsoft.com/en-us/library/cc787706(v=ws.10).aspx.

Hope this helps
0
 
kevinhsiehCommented:
Is the branch server a member of a domain already? I don't see why you would want to create a new domain. You should join the Branch server to the existing domain as a member server. How many domain controllers do you have in the main domain? If you have only one, you should have at least two and you should consider making the branch server a domain controller. If you have multiple domain controllers you can consider making the branch server a read only domain controller.

The general Misrosoft recommendation is to have single domain environments.
0
 
AmitIT ArchitectCommented:
One Forest and One Domain is the best option here. So answer to your query is add it as additional server. I don't see any use of creating child domain.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
PowerC280Author Commented:
Does anyone have any good step by step on adding a server to a domain as a member?
0
 
CoralonCommented:
There is no reason to even consider a 2nd domain for only 2 offices.  This is a very easy configuration.  

1. Build your 2nd server at the 2nd site.
2. Point the DNS for that server at your existing DC across the wire for DNS as a primary, and at itself as the secondary.
3. Install DNS on that server, and the Active Directory role.
4. Make sure your primary DNS at the primary site only points to itself for DNS.
5. Make sure you have the root hints enabled on both DNS servers.
6. Enable the AD role on the server after the reboot.  The enablement will take some time depending on the link speed.  
7. Define 2 separate sites.  
8. Define your 2 subnets, and assign them to the correct sites.  Your DC's should put themselves in the correct sites.

That's really about it.   Do this over the weekend so that your network has time to replicate and 'settle down'.  

Coralon
0
 
Sarang TinguriaSr EngineerCommented:
In your case I would recommend  to add additional domain controller

Refer below link with screenshot for how to add additional domain controller for existing domain

http://www.addictivetips.com/windows-tips/how-to-create-additional-domain-controller-adc-in-windows-server-2008/
0
 
wolfcamelCommented:
you add the server to the domain the same way you add a workstation.
It is only if you want to share roles that it gets a little more complicated.

you also need to watch out for dhcp and dns between the two sites but really that is another question.
0
 
PowerC280Author Commented:
Thanks guys....
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now