locked
child domain and sysvol replication RRS feed

  • Question

  • HI got a question ,

    I trying to achieve something that may be not  possible .Ill ask  just in case .

    Basically i have simple forest with 1 parent domain and child domain. They both are in seperate physical site and in ads site .

    My main site hold DC from the parent domain and my 2nd site got my dc of my child domain . It 2 way trust in 2 ads site and replication working fine. Everyone old a GC and ADS integrated DNS zone of all the forest . My issue is that my second site hold public web site , in my child domain every critcal service are on different network db /iis/dc ,so the only traffic that can go tru my intersite link is ,full dc replication and rdp from parent to child 1 way . no file sharing or anything else.

    So when I logon into a child domain server with parent domain account , it work ,my child domain proccess login but obviously i dont have acces to the parent sysvol /user gpo /etc .  Is there any way to delegate a copy of my parent sysvol to my child domain and have it process it for logon  ?

    Obviously i can install a new dc over there and create a 2nd management network and all the acl and nat for the different network,etc ,etc or allow the traffic in the LanEx . But in booth case  i create more hole i the network. it what iam trying to avoid here .  



    • Edited by ben.city Tuesday, January 8, 2013 11:59 PM
    Tuesday, January 8, 2013 11:56 PM

Answers

  • Hi,

    Do you mean that you want your child domain admin have access to the parent domain's SYSVOL?

    As far as I know SYSVOL is specific and unique for each domain, and I would like suggest you don't share this to child domain, if there is something you want to share to child domain, why not create another share folder for both domain.

    Regards,

    Yan Li


    Cataleya Li
    TechNet Community Support

    • Marked as answer by Yan Li_ Tuesday, January 15, 2013 2:23 AM
    Friday, January 11, 2013 8:58 AM