Building 2012 forest in AD

Yeah you'll have to set up a new Forest alright as if you created another domain within the law library.local it is still part of the same forest and therefore falls within the same security boundaries. If you are only going to have the forest internally used i.e. Nobody connecting to it etc from the outside world then you don't need to register a DNS name but when you are creating the new forest it will ask you for the name of the forest, it will need to be unique on your network.

Building a separate forest for internal use. Nobody will be connecting to it from outside. I want the naming to be separate and also different security boundaries. Just want to make sure I don't need to register a DNS name for this.

As far as I'm aware I just need to create a unique name (within the network for the forest, is this correct?)

I have the 2012R2 server deployed from template. I'll go through creating it and then adding it to a new forest anything else I need to take into account

A smaller question:Is it worth doing this through Azure instead  looking to create a new internal forest with a new domain for 60 pcs thanks 👍👍
Who is Participating?
Jeff GloverSr. Systems AdministratorCommented:
Internally, you can use just about any name as long as you aren't connecting to the outside and vice versa. A lot of companies use a .local domain (i.e. corp.local) internally. We have 2 separate .local forests internally. The thing you have to watch out for is DNS resolution. I recommend you install DNS on your new DC and make it the root of your new internal forest. Then, if your 60 pcs use DHCP, make sure to add a conditional forwarder in your main internal DNS server pointing the name of your new forest to the new server so they can find the domain. If the clients are going to be Statically addressed, then just point them at the new DC.
David Johnson, CD, MVPOwnerCommented:
one one hand you say totally seperate, and on the other hand you want to connect 60 pc's.. internally you can use any name you want.. I'd wager there are a few million labs that use or  The only time you need a registered dns name is if it going to be accessed by that name externally.
Indie101Author Commented:
Totally separate to our current domain we want to add specific pcs which use deep freeze

Is there an issue with the way I'm outlining this just want to be sure in the planning thanks
Indie101Author Commented:
Not using a test lab name it will be specific and unique to our network
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.