?
Solved

Should I do a Child Domain or just a Domain

Posted on 2014-04-29
8
Medium Priority
?
513 Views
Last Modified: 2014-05-05
We have an existing server at one of our branch offices that needs to be joined to the Primary Domain at our main office.  Example:(Main office...192.168.1.1 - Branch office...192.168.2.1) we are running VPN between the two.  Should I set the server at the branch office as a child or as a additional domain and please direct me to a good article on how.  This is a Windows Server 2008 environment.  Thanks
0
Comment
Question by:PowerC280
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 22

Expert Comment

by:Radhakrishnan R
ID: 40032333
Hi,

I would suggest to add as a child domain. Create a new child domain when you want to create a domain that shares a contiguous namespace with one or more domains. This means that the name of the new domain contains the full name of the parent domain. For example, sales.microsoft.com would be a child domain of microsoft.com. As a best practice, you create new domains as children of the forest root domain.

You can use this procedure http://technet.microsoft.com/en-us/library/cc787706(v=ws.10).aspx.

Hope this helps
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 600 total points
ID: 40032395
Is the branch server a member of a domain already? I don't see why you would want to create a new domain. You should join the Branch server to the existing domain as a member server. How many domain controllers do you have in the main domain? If you have only one, you should have at least two and you should consider making the branch server a domain controller. If you have multiple domain controllers you can consider making the branch server a read only domain controller.

The general Misrosoft recommendation is to have single domain environments.
0
 
LVL 44

Expert Comment

by:Amit
ID: 40032795
One Forest and One Domain is the best option here. So answer to your query is add it as additional server. I don't see any use of creating child domain.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:PowerC280
ID: 40033630
Does anyone have any good step by step on adding a server to a domain as a member?
0
 
LVL 25

Assisted Solution

by:Coralon
Coralon earned 600 total points
ID: 40033698
There is no reason to even consider a 2nd domain for only 2 offices.  This is a very easy configuration.  

1. Build your 2nd server at the 2nd site.
2. Point the DNS for that server at your existing DC across the wire for DNS as a primary, and at itself as the secondary.
3. Install DNS on that server, and the Active Directory role.
4. Make sure your primary DNS at the primary site only points to itself for DNS.
5. Make sure you have the root hints enabled on both DNS servers.
6. Enable the AD role on the server after the reboot.  The enablement will take some time depending on the link speed.  
7. Define 2 separate sites.  
8. Define your 2 subnets, and assign them to the correct sites.  Your DC's should put themselves in the correct sites.

That's really about it.   Do this over the weekend so that your network has time to replicate and 'settle down'.  

Coralon
0
 
LVL 18

Accepted Solution

by:
Sarang Tinguria earned 800 total points
ID: 40036938
In your case I would recommend  to add additional domain controller

Refer below link with screenshot for how to add additional domain controller for existing domain

http://www.addictivetips.com/windows-tips/how-to-create-additional-domain-controller-adc-in-windows-server-2008/
0
 
LVL 20

Expert Comment

by:wolfcamel
ID: 40039355
you add the server to the domain the same way you add a workstation.
It is only if you want to share roles that it gets a little more complicated.

you also need to watch out for dhcp and dns between the two sites but really that is another question.
0
 

Author Closing Comment

by:PowerC280
ID: 40042004
Thanks guys....
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question