Announcement

Collapse
No announcement yet.

Child domain/additional domain controller?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Child domain/additional domain controller?

    Hello, guys how are you doing? I am working in a small company as network administrator and most of the time I am worried about the issue of the server I mean if the server fails, what I will do?

    I have win server 2003 which is DHCP and acting as Application server (sql server 2005) in there and connected with DHCP clients. What I want is incase if the server stops or dies due to bad hardware or virus; what you do?

    1. Does a child domain can act as a parent domain (I mean become as a domain controller)? If not, what is the use of child domain?
    2. What about additional domain controller; Microsoft says “in win server 2003/2008 there must be two domain controller installed in the server incase one fails the other become as a domain controller” just like PDC/BDC in win NT4. So, is it possible to install the 2nd domain controller in the same server? How you do it?


    Please guys I need your help

    God bless you

  • #2
    Re: Child domain/additional domain controller?

    This sounds like a basic home work question and you also seem rather confused about the right terminology.. SBS MUST hold ALL the FSMO roles and be the root DC in the forest. In addition judging by what your explaining a child domain isnt neccesary. Simply build another DC/DNS ON SEPERATE hardware and allow them to replicate if you want a redundant topology.
    Last edited by scurlaruntings; 26th May 2009, 19:33.

    Comment


    • #3
      Re: Child domain/additional domain controller?

      I do not think SBS can have child domains at all:
      The SBS system must be the root of the Active Directory (AD) forest, and the SBS domain can't trust other domains or have child domains. Several survey respondents expressed concern about SBS's inability to expand into other domains and establish trusts.
      http://windowsitpro.com/article/arti...-sbs-2003.html
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Child domain/additional domain controller?

        Originally posted by Ossian View Post
        I do not think SBS can have child domains at all:

        http://windowsitpro.com/article/arti...-sbs-2003.html
        SBS isnt capable of trusting other domains by default nor does it support child domains.

        Comment


        • #5
          Re: Child domain/additional domain controller?

          Thank you very much guys


          is it possible to replicate two W2K3 in different subnets? could you show in senario please?

          Comment


          • #6
            Re: Child domain/additional domain controller?

            Are we still talking about your SBS or is this a totally different question?
            Tom Jones
            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
            PhD, MSc, FIAP, MIITT
            IT Trainer / Consultant
            Ossian Ltd
            Scotland

            ** Remember to give credit where credit is due and leave reputation points where appropriate **

            Comment


            • #7
              Re: Child domain/additional domain controller?

              Yes, I am asking how I can make additional domain controller in my SBS-2003. And recently I found an answer by SCURLARUNTINGS says “Simply build DC/DNS ON SEPERATE hardware and allow them to replicate if you want a redundant topology."

              As I said earlier, I have win server 2003 DHCP (SBS). And right now, I want to create a 2nd domain controller having different subnet in another machine so that by linking the two servers in AD sites and services to make a replication. So, do you think is it possible? In theory it seems easy but I don't know how to do it.

              You know sir, why I am raising this issue is; because of how could I take care of this SBS-2003 server incase of failed.

              I think it is clear for you

              Thanks

              Comment


              • #8
                Re: Child domain/additional domain controller?

                OK, sorry -- the way you switched from SBS to W2K3 threw me

                As long as you have routing in place between the subnets there will be no problems -- remember you need to keep the FSMOs on the SBS

                But do you need two subnets or just an additional DC on your LAN?
                Tom Jones
                MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                PhD, MSc, FIAP, MIITT
                IT Trainer / Consultant
                Ossian Ltd
                Scotland

                ** Remember to give credit where credit is due and leave reputation points where appropriate **

                Comment


                • #9
                  Re: Child domain/additional domain controller?

                  Originally posted by danyee View Post
                  Yes, I am asking how I can make additional domain controller in my SBS-2003. And recently I found an answer by SCURLARUNTINGS says “Simply build DC/DNS ON SEPERATE hardware and allow them to replicate if you want a redundant topology."

                  As I said earlier, I have win server 2003 DHCP (SBS). And right now, I want to create a 2nd domain controller having different subnet in another machine so that by linking the two servers in AD sites and services to make a replication. So, do you think is it possible? In theory it seems easy but I don't know how to do it.

                  You know sir, why I am raising this issue is; because of how could I take care of this SBS-2003 server incase of failed.

                  I think it is clear for you

                  Thanks
                  Why on a dissimilar subnet? This presents more issues as a router will be required with the neccesary ports open to allow for DNS/AD/GC and replication. Will additional server be in a phyiscally diffrent location/site?

                  Comment


                  • #10
                    Re: Child domain/additional domain controller?







                    First let me tell you the infrastructure of the LAN that I found out in this company.
                    1. we have two different users according to the administration
                    A.The DHCP clients are forbidden to access an internet, even CD-room, floppy, and also external HDD are disabled.
                    B.The 2nd group of users are granted to access an internet.

                    You know how they did this, I will tell you in detail

                    1. DHCP server having an IP = 192.168.0.1 connected to the SWITCH and from this switch to the DHCP clients and this clients they access windows Application from the server.
                    2. There is A Router (G.W) = 192.168.1.1 also connected to the same SWITCH with the DHCP server. From this switch in to different group of computers and accessing an internet (peer to peer).

                    So, I need to create additional DC in my LAN with same SUBNET of the ROUTER. Do you think it is possible?


                    Please guys help me

                    Comment


                    • #11
                      Re: Child domain/additional domain controller?

                      Creating a DC as a secondary one is possible and I highly recommend it. You need to domain prep and ad prep the SBS domain using the installation CD for the new DC; you will need to purchase this separately and appropriate licensing and can't be an SBS version. This way, should SBS ever fail, worst case scenario is that you could seize FSMO roles to ensure immediate recovery.

                      With regards to AD Sites and Services, I am not sure but I'm sure someone else will and I'll know for another time.

                      Comment


                      • #12
                        Re: Child domain/additional domain controller?

                        1 As has been clearly stated there are no child/trust domains in SBS environment
                        2 Adding a domain controller is done exactly the same way as in any other environment.
                        3 I alway question the wisdom of adding another DC for failure purposes. A good backup/image solution is IMHO a better solution, since the time spent making the secondary DC ready to handle the domain/workstations is better spent repairing the SBS whcih anyway has the exchange , sharepoint and user files on it (usually)
                        4 Control of who uses the internet can be done by group policy and/or group membership (SBS Internet Users)
                        TIA

                        Steven Teiger [SBS-MVP(2003-2009)]
                        http://www.wintra.co.il/
                        sigpic
                        I’m honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

                        We don’t stop playing because we grow old, we grow old because we stop playing.

                        Comment


                        • #13
                          Re: Child domain/additional domain controller?

                          Hello, Guys how are you doing?

                          yeah, i understand what you are saying but until now i didn't find an answer to my question. what i am saying is:-

                          I have two different SUBNETS. the question is, can REPLICATION takes place between two different servers in different subnets? if the answer is yes, how?

                          Some one told me that first connect the two servers using SUPERNET. i mean how come?

                          * 192.168.0.1 + 192.168.1.1 = 255.255.255.252 ???


                          Please guys i need your help


                          thanks

                          Comment


                          • #14
                            Re: Child domain/additional domain controller?

                            Originally posted by danyee View Post
                            Hello, Guys how are you doing?

                            yeah, i understand what you are saying but until now i didn't find an answer to my question. what i am saying is:-

                            I have two different SUBNETS. the question is, can REPLICATION takes place between two different servers in different subnets? if the answer is yes, how?

                            Some one told me that first connect the two servers using SUPERNET. i mean how come?

                            * 192.168.0.1 + 192.168.1.1 = 255.255.255.252 ???


                            Please guys i need your help


                            thanks
                            Place a router between them and turn the firewall off so all packets are forwarded. And i doubt you`ll want a broadcast domain that small. Unless your only putting 2 devices in it.
                            Last edited by scurlaruntings; 1st June 2009, 09:35.

                            Comment


                            • #15
                              Re: Child domain/additional domain controller?

                              Hello, guys how you doing?

                              I think i replicated the two servers in different subnets but i don't know whether it's the right replica or not. let me tell you show you how i did this:-

                              * in the 2nd DC by accessing the LAN connection properties--TCP/IPv4properties--Advanced--in the Add IP-Address, i added IP-Address from the 1st DHCP server i had reserved IP-Address and then i accessed A remote desk connection from the 2nd server to the DHCP server. then i go to AD sites and services and i linked to the 2nd DC and then in the NTDS settings ---New AD connection added the 2nd server. right now, i have two DC under NTDS settings. and i cheked the replication topology, it's OK. but my question is :-
                              1. did i make the right replication?
                              2 if i transfer the FSMO ( dns roles) to the 2nd DC, incase if i don't like it; or some thing happened to this DC; can i put it back again with out any problem?

                              thanks

                              Comment

                              Working...
                              X