Active Directory Domain service conflicts?

I have been requested to attach a Microsoft Dynamics 2012 test system to current Windows 2008 domain/network to allow remote access for a group of testers. The test system consists of a Hyper-V server and 4 VM's, one of which acts as a domain controller/provides domain services for the Contoso domain.

My question comes from a concern over conflict with our current domain controllers. can someone confirm this would not be a good thing? If anyone can point me to a MS document that describes whether or not this is appropriate I would appreciate it.

Thanks!
LVL 1
agradminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnB442Commented:
What you've been asked to do seems reasonable and possible.  Your test setup could be on the same network as production as long as it is not some kind of clone (renamed or otherwise) of the production Forest/Domain. I can think of a few ways to set this up, but it all depends on your infrastructure. You could keep the test domain isolated via firewall, etc. and open up RDP port (3389) for access. You could setup a one-way Domain trust with the production so that users in the production Domain could be granted access to resources in the test domain. Those are just a couple that came to mind - It really depends on your infrastructure, security requirements, remote access setup, etc.

If you decide to setup a trust relationship, here's a link to more information on that:
Active Directory Domains and Trusts
http://technet.microsoft.com/en-us/library/cc770299.aspx

Even though you shouldn't need to go this far, similar situations arise during mergers and acquisitions,

Restructuring Active Directory Domains Between Forests
http://technet.microsoft.com/en-us/library/cc786927(v=ws.10).aspx
The link is for 2003, but the process would be similar

Hope that helps...
-JB
0
JohnB442Commented:
A couple more thoughts... The bottom line is that you should be able to safely allow users access to both domains while using the existing client systems. One major item that you'd have to address is DNS, and how clients will lookup resources in the test domain. You could setup a secondary zone on your production DNS servers while keeping the Test Domain/Forest separate. One thing to keep in mind if you add a trust - It will be visible in drop-down domain lists for all production systems once it's setup.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
agradminAuthor Commented:
Thanks for the insight!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.