Windows 2008 AD Parent / child Won’t sync
This topic contains 2 replies, has 3 voices, and was last updated by 
pjhutch 7 years, 9 months ago.
-
Posts
-
Hello all, :wink:
At our company we have a nice little project in the works were I’m challenged to create a Parent domain server (windows 2008) with, at this time one child (windows 2008 R2). There will be more in the future. I’ve created the Child (parent was already running before I joined the company) from scratch and joined them in the Forrest with a new domain name. Taking contoso as an example the parent is called contoso.com, the child gb.contoso.com.
I noticed that I can login on the child with the domain name CONTOSOAdministrator without any problems. Even the domain GBAdministrator works. But when I check the Active Directory on the child DC it’s empty, even when I push replicate now in Active directory Sites and Services nothing happens. The NTDS settings are correct, from SRV01 in the Contoso domain there’s a Rule that connects to the GBSRV01 in the child domain. From the GBSRV01 there’s also an connection to the SRV01 in the Contoso domain. Still when I press Replicate now nothing happens.
I have checked the log files and can’t find anything that suggest that there is anything wrong in the settings.Can anybody help me with this problem. :)
Re: Windows 2008 AD Parent / child Won’t sync
What do you mean by “Active Directory on the child DC it’s empty?”
Is the DC in the Domain Controllers OU?
Is there users and groups in the Users container?The reason you can logon with the parent domain’s administrator account is because it is part of the Enterprise Admins group which has administrative access in all domains in the forest.
Re: Windows 2008 AD Parent / child Won’t sync
A child domain is a completely new domain in its own right, so I would expect it would be empty to start with.
If you want another DC with the same users and groups as the parent domain then you would add that DC to the parent domain and it would replicate all the users and groups etc to the new DC. This does not happen for child domains.
A child domain has its own name space, will have its own DNS zone and have its own users and groups but will be fully trusted with its parent domain (transitive trust).
You must be logged in to reply to this topic.