Solved

Deploying new domain controller for different AD domain under the same subnet as the existing AD domain ?

Posted on 2016-08-28
6
111 Views
Last Modified: 2016-08-28
people,

I have the need to deploy a separate AD domain in my data center to manage new business that requires to be joined to the comapny.

In my current setup the Data center AD sites has 2x VMs runnning as Windows Server 2008 R2 AD FFL & DFL:

Data Centre AD Sites:
PRODDC01-VM - IP: 10.1.2.8 - Schema master for Domain.com AD
PRODDC03-VM - IP: 10.1.2.10 - Domain naming master for Domain.com AD

HQ AD Sites running 1x Windows Server 2012 R2 as Physical box:
HODC01 - IP: 10.1.30.6 - Infrastructure master, PDC and RID pool manager for Domain.com AD

So my plan here is to deploy 1x new Windows Server 2012 R2 VM as new AD domain:
Data Centre AD Sites:
PRODDC04-VM - IP: 10.1.2.120 - All FSMO Role for MyNewDomain.com AD

is that going to be working with no problem or is that a big issue not according to best practice ?
0
Comment
  • 3
  • 2
6 Comments
 
LVL 40

Accepted Solution

by:
footech earned 250 total points
ID: 41774275
There's no problem as far as AD is concerned.

Your only potential issue is to do with IP management.  You'd only be able to have DHCP for one of the domains.  Of course, there are benefits to having a logical separation of networks for different environments, and from that perspective what you're proposing is not best practice.
1
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 41774277
from that perspective what you're proposing is not best practice

Thanks for the clarification Footech,

I was thinking that I cannot deploy domain controller for different AD domain in the same IP subnet as the current AD domain.

But yes, it is going to manage different company with different IP address anyway.
0
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 250 total points
ID: 41774286
As stated, there is no problem - BUT, make sure there are no duplicate names - don't name the DC the same as the existing DCs on the network, don't name the domain the same.  AD still broadcasts and when doing so things can get confused if you use the same names.
1
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 41774293
Cool, many thanks Lee.

So for the Domain Controller of a new AD domain, is it possible for me to create one way AD trust safely ?

From:

Existing: Domain.com -------into----> New: MyDomain.com
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 41774304
Sure, should be fine.
1
 
LVL 7

Author Closing Comment

by:Senior IT System Engineer
ID: 41774305
Thanks All !
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
An article on effective troubleshooting
This video discusses moving either the default database or any database to a new volume.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question