Solved

Deploying new domain controller for different AD domain under the same subnet as the existing AD domain ?

Posted on 2016-08-28
6
124 Views
Last Modified: 2016-08-28
people,

I have the need to deploy a separate AD domain in my data center to manage new business that requires to be joined to the comapny.

In my current setup the Data center AD sites has 2x VMs runnning as Windows Server 2008 R2 AD FFL & DFL:

Data Centre AD Sites:
PRODDC01-VM - IP: 10.1.2.8 - Schema master for Domain.com AD
PRODDC03-VM - IP: 10.1.2.10 - Domain naming master for Domain.com AD

HQ AD Sites running 1x Windows Server 2012 R2 as Physical box:
HODC01 - IP: 10.1.30.6 - Infrastructure master, PDC and RID pool manager for Domain.com AD

So my plan here is to deploy 1x new Windows Server 2012 R2 VM as new AD domain:
Data Centre AD Sites:
PRODDC04-VM - IP: 10.1.2.120 - All FSMO Role for MyNewDomain.com AD

is that going to be working with no problem or is that a big issue not according to best practice ?
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 40

Accepted Solution

by:
footech earned 250 total points
ID: 41774275
There's no problem as far as AD is concerned.

Your only potential issue is to do with IP management.  You'd only be able to have DHCP for one of the domains.  Of course, there are benefits to having a logical separation of networks for different environments, and from that perspective what you're proposing is not best practice.
1
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41774277
from that perspective what you're proposing is not best practice

Thanks for the clarification Footech,

I was thinking that I cannot deploy domain controller for different AD domain in the same IP subnet as the current AD domain.

But yes, it is going to manage different company with different IP address anyway.
0
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 250 total points
ID: 41774286
As stated, there is no problem - BUT, make sure there are no duplicate names - don't name the DC the same as the existing DCs on the network, don't name the domain the same.  AD still broadcasts and when doing so things can get confused if you use the same names.
1
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41774293
Cool, many thanks Lee.

So for the Domain Controller of a new AD domain, is it possible for me to create one way AD trust safely ?

From:

Existing: Domain.com -------into----> New: MyDomain.com
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 41774304
Sure, should be fine.
1
 
LVL 8

Author Closing Comment

by:Senior IT System Engineer
ID: 41774305
Thanks All !
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question