Configure a Child Domain on a Different Subnet – Hyper-V
Virtual infrastructure for testing is getting a lot of attention in both mid-size and enterprise organizations, and with it comes the need for a quick network turnover time. There are many scenarios where engineers have to demonstrate their applications with only a day in hand; Hyper-V saves you in those scenarios. Be it for learning, testing or presentation, the guide below covers the configuration of domains across multiple subnets in a Hyper-V environment.
This lab is built on the following:
Windows Server 2012 ( Standard / Enterprise ) x 2 – Server hosted for Active Directory
Windows Server 2008 R2 / Windows Server 2012 ( Standard or Enterprise ) – Server hosted as Router
Note: Licensing should be managed accordingly
Install the service on one of the Windows Server 2012.
DNS infrastructure on both servers – DNS service for name resolution
IP Subnets x 2 – 192.168.1.x and 10.25.10.x
Routing and Remote Access – Routing between two subnets
Assuming that administrators have successfully installed and configured the Windows servers with the latest service packs, below are the detailed steps that need to be followed.
Install and configure the Hyper-V role on the physical server. The role can be installed through Server Manager -> Manage -> Add Roles and Features.
Click Next on the above screen.
Select Role-based or feature-based installation and select Next.
Select the server from the Server Pool. As I have only one server configured in the server pool, I have selected my server for the Hyper-V installation.
As you can see from the above, the Hyper-V role is already installed. Perform the above steps to install Hyper-V on either Windows Server 2012 or Windows Server 2008 R2 operating systems.
Once Hyper-V is installed, it should be configured for storage and networking. In an enterprise organization there will be dedicated storage provisioned for the virtual machines to be hosted, and VLANs that need to be configured; administrators performing this lab can contact the respective storage / networking teams to obtain the LUN and network subnet ( VLAN ) information. I have selected an external USB disk for my lab and am hosting all my VMs on it; it has 1 TB of disk space.
To utilize the advanced capabilities of Hyper-V, it is advisable to use Windows Server 2012 operating systems.
Configuring Hyper-V networking with multiple subnets: the Hyper-V Virtual Switch Manager provides 3 different types of network that can be configured on the virtual machines, namely
External – Enable virtual machines to access Internet
Internal – Communication between Virtual machine and Host
Private – Communication between virtual machines and not with Host.
Either internal or private networks are advisable for testing purposes, as they will not introduce any problems when Routing and Remote Access is introduced between the networks. I have configured an internal network switch for this lab. To configure an internal / private network, launch Hyper-V Manager ( virtmgmt.msc ) and navigate to Virtual Switch Manager, which opens the below window.
Select Create Virtual Switch and enter the required information.
On the Hyper-V host, navigate to Network Connections and enter the IPv4 address as shown below.
Ever Action on Virtual Machines!!
Install the Guest Operating Systems and configure the following
Windows Firewall Ports
User accounts and add them to respective local groups ( if required )
IPv4 network addresses.
The above steps should be performed on the 3 operating systems:
First Domain Controller ( Windows Server 2012 ) – 192.x.x.x network
Child Domain Controller ( Windows Server 2012 ) – 10.x.x.x network
Router ( RRAS ) – both adapters
The RRAS system / router should be configured with multiple NICs, and the additional NICs should be added through Hyper-V Manager as shown below.
After installing the RRAS server, right-click the server name -> Settings, which will open the below wizard.
Under Add Hardware, select Network Adapter, which adds a second adapter to the RRAS server.
Navigate to Network Connections ( ncpa.cpl ) and ensure the settings are configured as shown below.
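The virtual switch and second-adapter steps above can also be scripted on the Hyper-V host. This is an added example, not part of the original post: it assumes one internal switch per subnet, and the switch names, the router VM name RRAS01 and the host address 192.168.1.2 are hypothetical.

```powershell
# Added example: run in an elevated session on the Windows Server 2012 Hyper-V host.
# Assumptions (not from the original post): switch names, VM name, host address.
Import-Module Hyper-V

$SwitchBySubnet = [ordered]@{
    'Lab-192' = '192.168.1.0/24'   # forest root domain network
    'Lab-10'  = '10.25.10.0/24'    # child domain network
}
$RouterVm    = 'RRAS01'
$HostAlias   = 'vEthernet (Lab-192)'   # host adapter that an internal switch creates
$HostAddress = '192.168.1.2'

# Internal switches carry VM-to-VM and VM-to-host traffic only; no physical NIC is bound.
foreach ($name in $SwitchBySubnet.Keys) {
    if (-not (Get-VMSwitch -Name $name -ErrorAction SilentlyContinue)) {
        New-VMSwitch -Name $name -SwitchType Internal | Out-Null
    }
}

# Give the host an address on the first subnet (skipped when already present).
if (-not (Get-NetIPAddress -InterfaceAlias $HostAlias -IPAddress $HostAddress -ErrorAction SilentlyContinue)) {
    New-NetIPAddress -InterfaceAlias $HostAlias -IPAddress $HostAddress -PrefixLength 24 | Out-Null
}

# The router VM needs one adapter per subnet. On Windows Server 2012 the VM
# must be shut down before a network adapter can be added.
if ((Get-VM -Name $RouterVm).State -ne 'Off') {
    throw "Shut down $RouterVm before adding a network adapter."
}
$attached = Get-VMNetworkAdapter -VMName $RouterVm | Select-Object -ExpandProperty SwitchName
foreach ($name in $SwitchBySubnet.Keys) {
    if ($attached -notcontains $name) {
        Add-VMNetworkAdapter -VMName $RouterVm -SwitchName $name -Name "NIC-$name"
    }
}

# Confirm that the router ends up with exactly one adapter on each switch.
Get-VMNetworkAdapter -VMName $RouterVm | Format-Table Name, SwitchName, MacAddress -AutoSize
```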
Configuring the router is the primary step before installing the domain controllers on the respective networks. Navigate to the router virtual machine and log in with a user account that has administrator privileges to install the services.
I have installed Windows Server 2008 R2 as the router.
Open Server Manager -> Add Role Wizard and click Next.
Select Network Policy and Access Services ( installed ) from the Add Roles wizard.
Select Routing and Remote Access -> click Finish to install the role successfully.
Open Routing and Remote Access from Administrative Tools. Right-click the server and click Properties, which will open the below wizard.
Select Local Area Network ( LAN ) Routing only and click OK.
From the router, ensure that routing is successful between the 2 subnets. You can use PING to perform the tests; if ICMP is blocked in the environment, administrators can quickly connect to Windows shares on either network, which confirms that connectivity is successful.
The above result shows that the ping between the two subnets is successful.
Default Gateway Configuration
After configuring RRAS, the default gateway of the virtual machines needs to be changed. The default gateway ( DG ) should point to RRAS as shown below.
Forest Root Domain Installation
Navigate to the forest root domain server (this will be the first domain in the Active Directory forest and the first domain controller). Below are the steps to configure the first domain in Active Directory.
Install the Active Directory Domain Services role:
Note: Some of the snapshots are collected from my previous post; the server name might be different but the steps remain the same.
Promote the server to a domain controller by navigating to Server Manager -> AD DS.
Click on More, which is towards the right end of “Configuration Required for Active Directory Domain Services”; administrators will see the below wizard.
From the above wizard click on “Promote this server to a domain”, which brings up the following wizard.
Select Add a New Forest from the below wizard.
Enter the domain name ( FQDN ) and click Next. ( Provide the necessary administrator credentials to perform the action. )
We have successfully installed and configured the Active Directory forest root domain on the first domain controller.
Child Domain Configuration
Step11: Before installing the child domain on a different subnet, ensure that network connectivity is successful between the 192.x.x.x and 10.x.x.x networks, then proceed by promoting the member server to a domain controller / adding a child domain to the existing Active Directory forest.
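The connectivity check called for here, and the ping / share test described earlier, can be run as one pre-flight script from the future child domain controller. This is an added example, not part of the original post: the parent domain name corp.example and the parent DC address 192.168.1.10 are hypothetical, and the port list is the set of well-known directory service ports rather than anything the post specifies.

```powershell
# Added example: run on the future child DC (10.25.10.x side) before promotion.
# $ParentDomain and $ParentDc are hypothetical lab values, not taken from the post.
$ParentDomain = 'corp.example'
$ParentDc     = '192.168.1.10'
# TCP ports commonly needed toward the parent DC (dynamic RPC ports are not probed).
$Ports = [ordered]@{ DNS = 53; Kerberos = 88; 'RPC endpoint mapper' = 135
                     LDAP = 389; SMB = 445; 'Global catalog' = 3268 }

function Test-TcpPort {
    param([string]$Target, [int]$Port, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($Target, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($pending)    # throws when the connection was refused
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

$checks = @()

# 1. The default route should point at the RRAS adapter on this subnet.
$route = Get-NetRoute -DestinationPrefix '0.0.0.0/0' -ErrorAction SilentlyContinue |
    Select-Object -First 1
$checks += [pscustomobject]@{ Check = 'Default gateway'; Passed = [bool]$route; Detail = $route.NextHop }

# 2. ICMP across the router (can fail only because a firewall blocks echo requests).
$ping = Test-Connection -ComputerName $ParentDc -Count 2 -Quiet
$checks += [pscustomobject]@{ Check = 'Ping parent DC'; Passed = $ping; Detail = $ParentDc }

# 3. DNS must resolve the domain controller locator record of the parent domain.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$ParentDomain" -Type SRV -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'SRV' }
$checks += [pscustomobject]@{ Check = 'DC locator SRV'; Passed = [bool]$srv; Detail = ($srv.NameTarget -join ', ') }

# 4. TCP reachability of the directory services, independent of ICMP.
foreach ($p in $Ports.GetEnumerator()) {
    $open = Test-TcpPort -Target $ParentDc -Port $p.Value
    $checks += [pscustomobject]@{ Check = "TCP $($p.Value) ($($p.Key))"; Passed = $open; Detail = $ParentDc }
}

$checks | Format-Table -AutoSize
```

A failed ping with all TCP checks passing points at an ICMP firewall rule rather than at routing; a failed SRV lookup points at the DNS client settings of this server.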
Perform the steps outlined above under Forest Root Domain Installation ( Step9 and Step10 ); on the below wizard, select Add a new domain to an existing forest.
Enter the forest root domain / parent domain under which the child domain is configured, select valid credentials and finish the configuration. These steps ensure that both the root domain and the child domain are configured successfully.
If there is no internetworking established between 192.x.x.x and 10.x.x.x, administrators would fail to create the child domain.
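The two promotions described above (new forest on the first server, child domain on the second) have PowerShell equivalents in the ADDSDeployment module on Windows Server 2012. This is an added example, not part of the original post; the domain names corp.example and branch are hypothetical, and $Role has to be set for the server the script runs on.

```powershell
# Added example: AD DS promotion for both roles in this lab (Windows Server 2012).
# Domain names are hypothetical. Set $Role for the server, then run elevated.
$Role       = 'Child'          # 'Root' on the first DC (192.168.1.x), 'Child' on the 10.25.10.x server
$ForestRoot = 'corp.example'   # hypothetical forest root FQDN
$ChildName  = 'branch'         # hypothetical label; yields branch.corp.example

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools | Out-Null
Import-Module ADDSDeployment

# Read the DSRM password interactively so it is never stored in the script.
$dsrm = Read-Host -AsSecureString -Prompt 'Directory Services Restore Mode password'

switch ($Role) {
    'Root' {
        $params = @{ DomainName = $ForestRoot; InstallDns = $true; SafeModeAdministratorPassword = $dsrm }
        $test = Test-ADDSForestInstallation @params
        if ($test | Where-Object { $_.Status -ne 'Success' }) {
            $test | Format-List Status, Message
            throw 'Forest prerequisite check failed.'
        }
        Install-ADDSForest @params      # restarts the server when finished
    }
    'Child' {
        # The DNS client of this server must already resolve $ForestRoot,
        # otherwise the parent domain cannot be located across the router.
        $params = @{
            NewDomainName                 = $ChildName
            ParentDomainName              = $ForestRoot
            DomainType                    = 'ChildDomain'
            InstallDns                    = $true
            Credential                    = (Get-Credential -Message "Enterprise Admins account in $ForestRoot")
            SafeModeAdministratorPassword = $dsrm
        }
        $test = Test-ADDSDomainInstallation @params
        if ($test | Where-Object { $_.Status -ne 'Success' }) {
            $test | Format-List Status, Message
            throw 'Child domain prerequisite check failed.'
        }
        Install-ADDSDomain @params      # restarts the server when finished
    }
}
```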
Creating Active Sites, Subnet and Site Link Objects
After successfully installing the primary and child Active Directory domains, it is required to create the necessary site object, subnet object and site link objects for successful replication of the naming contexts. Below are the steps to configure them.
Creating sites is not required unless the site has a dedicated domain controller or a service that requires site topology information ( DFS ).
To create subnets / sites, the user should be a member of the Enterprise Administrator Group.
Create Site Object:
Open the Active Directory Sites and Services application and perform the below actions.
Under Name: <Enter the name of the site you wish to create>
Then select the Site Link Object listed below. The site link provides direct communication between the domain controllers in different sites.
Create Subnet Object:
Create the subnet object, which represents the physical subnet of the organization.
Enter the prefix, e.g. 192.168.1.1/24, select the Site object and click OK.
Create Site Link Object:
The site link object establishes successful communication between the domain controllers.
After creating the respective objects, it’s time to move the domain controllers from Default First Site Name to their respective sites. Administrators can right-click the server, click Move and select the site that acts as the placeholder.
After moving the servers to new subnets, administrators should test the replication status between the servers. This can be done either through command line utilities ( REPADMIN ) or through the GUI application called Active Directory Replication Status Tool ( downloadable through TechNet ).
The output of the tools is as below.
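The site, subnet, site link, move and replication-check steps of this section can be scripted with the ActiveDirectory module and REPADMIN. This is an added example, not part of the original post: the site names, the site link name, the cost and interval values and the server names ROOTDC01 / CHILDDC01 are hypothetical, and the subnets are written in network-address form for the two lab ranges.

```powershell
# Added example: run as a member of Enterprise Admins on a domain controller.
# Site, link and server names are hypothetical; subnets match the lab's two ranges.
Import-Module ActiveDirectory

$SiteBySubnet = [ordered]@{ '192.168.1.0/24' = 'Site-192'; '10.25.10.0/24' = 'Site-10' }
$SiteByServer = @{ 'ROOTDC01' = 'Site-192'; 'CHILDDC01' = 'Site-10' }
$LinkName     = 'Site-192-to-Site-10'

foreach ($subnet in $SiteBySubnet.Keys) {
    $site = $SiteBySubnet[$subnet]
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$site'")) {
        New-ADReplicationSite -Name $site
    }
    # The subnet object is what maps a client or DC address to its site.
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$subnet'")) {
        New-ADReplicationSubnet -Name $subnet -Site $site
    }
}

# One IP site link that contains both sites; 15 minutes is the shortest interval allowed.
if (-not (Get-ADReplicationSiteLink -Filter "Name -eq '$LinkName'")) {
    New-ADReplicationSiteLink -Name $LinkName -SitesIncluded @($SiteBySubnet.Values) `
        -Cost 100 -ReplicationFrequencyInMinutes 15 -InterSiteTransportProtocol IP
}

# Move each domain controller out of the default first site.
foreach ($server in $SiteByServer.Keys) {
    Move-ADDirectoryServer -Identity $server -Site $SiteByServer[$server]
}

# Replication health: summary per DC, then only the partners that report errors.
repadmin /replsummary
repadmin /showrepl * /errorsonly
```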
This article demonstrates the end-to-end process involved in creating the infrastructure to stage multiple Active Directory domains across subnets.
What did you use as the DNS configuration for the child domain DC pre and post creating the child domain?