|
|
 FAQ
 Search
 Memberlist
 Usergroups
 Register
 Profile
 Private messages
 Log in
|
|
| Author |
Message |
mikeb56
Guest
|
 Posted: Tue May 16, 2006 3:30 am Post subject: Domain structure and trusts |
 |
|
I have inherited a domain structure in my organization that has left me
a little confused about adding another domain and creating a trust.
The current setup: The domain "corp.mycompany.com" is the toplevel
domain therefore the forest domain with all accounts etc.. I wanted to
create another domain with the same namespace "public.mycompany.com"
and have it in the same forest, however the root "mycompany.com" was
never created.
I have tried building a new domain "public.mycompany.com" as it's own
forest and establishing the forest trust, but I get the error Cannot
contact the domain. Even after creating stub zones in dns for each
domains.
I'm not sure if I re-create the domain and join the exising domain
"corp.mycompany.com" if it will become a sub domain
"public.corp.mycompany.com" Not my desired configuration.
Maybe this is a two part question,
Can I create the new domain in the current forest and keep the common
namespace without a top level domain?
or
Since the original install is already screwed up can I build the new
domain and actually get a forest trust to work? If so any suggestions
getting around that error?
btw: Both the forest and domain functional level are windows server
2003.
Thanks for any input. |
|
| Back to top |
|
 |
|
|
Trevor Sullivan
Guest
|
| Posted: Tue May 16, 2006 3:55 am Post subject: Re: Domain structure and trusts |
|
|
mikeb56 wrote:
| Quote: | I have inherited a domain structure in my organization that has left me
a little confused about adding another domain and creating a trust.
The current setup: The domain "corp.mycompany.com" is the toplevel
domain therefore the forest domain with all accounts etc.. I wanted to
create another domain with the same namespace "public.mycompany.com"
and have it in the same forest, however the root "mycompany.com" was
never created.
I have tried building a new domain "public.mycompany.com" as it's own
forest and establishing the forest trust, but I get the error Cannot
contact the domain. Even after creating stub zones in dns for each
domains.
I'm not sure if I re-create the domain and join the exising domain
"corp.mycompany.com" if it will become a sub domain
"public.corp.mycompany.com" Not my desired configuration.
Maybe this is a two part question,
Can I create the new domain in the current forest and keep the common
namespace without a top level domain?
or
Since the original install is already screwed up can I build the new
domain and actually get a forest trust to work? If so any suggestions
getting around that error?
btw: Both the forest and domain functional level are windows server
2003.
Thanks for any input.
|
I think you're on the right track with building a new forest and adding
a trust relationship. I've done trust relationships between a Windows
2000 and a Windows 2003 domain before without problems. It sounds like
you might have some sort of networking issue that's disallowing your new
forest DC from contacting the old forest. Can you ensure ping
connectivity and proper DNS resolution? I'm honestly not sure if this
matters or not because it's been a while, but when adding a forest
trust, try specifying the FQDN of your old domain instead of its NetBIOS
name? Also, try establishing the forest trust from the other direction
(eg. old --> new) and see if that helps. Just some ideas ...
Trevor Sullivan |
|
| Back to top |
|
|
Trevor Sullivan
Guest
|
| Posted: Tue May 16, 2006 4:15 am Post subject: Re: Domain structure and trusts |
|
|
mikeb56 wrote:
| Quote: | I have inherited a domain structure in my organization that has left me
a little confused about adding another domain and creating a trust.
The current setup: The domain "corp.mycompany.com" is the toplevel
domain therefore the forest domain with all accounts etc.. I wanted to
create another domain with the same namespace "public.mycompany.com"
and have it in the same forest, however the root "mycompany.com" was
never created.
I have tried building a new domain "public.mycompany.com" as it's own
forest and establishing the forest trust, but I get the error Cannot
contact the domain. Even after creating stub zones in dns for each
domains.
I'm not sure if I re-create the domain and join the exising domain
"corp.mycompany.com" if it will become a sub domain
"public.corp.mycompany.com" Not my desired configuration.
Maybe this is a two part question,
Can I create the new domain in the current forest and keep the common
namespace without a top level domain?
or
Since the original install is already screwed up can I build the new
domain and actually get a forest trust to work? If so any suggestions
getting around that error?
btw: Both the forest and domain functional level are windows server
2003.
Thanks for any input.
|
I mean to post this link I found online as well. You could also, at your
choosing, rename your existing domain.
http://www.microsoft.com/technet/technetmag/issues/2005/05/DomainRename/default.aspx
Trevor Sullivan
Microsoft Certified Professional |
|
| Back to top |
|
|
mikeb56
Guest
|
| Posted: Tue May 16, 2006 10:24 pm Post subject: Re: Domain structure and trusts |
|
|
Thanks for the information, I am looking at the renaming option to see
if it will fit this scenario of joining a new forest. Also I found the
following statement in technet regarding creating a forest trust:
"If there is a root DNS server that can be made the root DNS server for
both of the forest DNS namespaces, then make it the root server by
ensuring that the root zone contains delegations for each of the DNS
namespaces. Also, update the root hints of all DNS servers with the new
root DNS server."
I'm wondering if I can bring up another dns server and create the
"root" zone and configure the delegations, will I need to remove the
current zone off my existing domain for the root domain name? and put
it on this new server?
Not even sure if this would work but might be worth a try.
-Mike |
|
| Back to top |
|
|
|
|
