none
Parent domain and child domain RRS feed

  • Question

  • Hi,

    I am having windows server 2003.its having domain and ADS.

    Now i got another one server 2008.

    I am going to do the parent domain and child domain.

    Parent domain should be server 2008 and child domain should be existing server 2003.

    Can you help me how to add the server 2003 to server 2008.

    I want replicate the domain and ADS and all the information to parent server 2008.

    What are the steps i have to do please help me.

     I am very new for this so please help me how to replicate the 2003 domain and ADS to parent server 2008.

    How can i make server 2008 as a parent domain and server 2003 as a child domain and how to replicate the server 2003 domain and ADS to server 2008.

     

    IT IS VERY URGENT CAN YOU PLEASE HELP ME.

    Thanks in advance .

    Regards,

    Suthakar
    Sunday, June 12, 2011 7:09 AM

All replies

  • Hi,

    I am having windows server 2003.its having domain and ADS.

    Now i got another one server 2008.

    I am going to do the parent domain and child domain.

    Parent domain should be server 2008 and child domain should be existing server 2003.

    Can you help me how to add the server 2003 to server 2008.

    I want replicate the domain and ADS and all the information to parent server 2008.

    What are the steps i have to do please help me.

     I am very new for this so please help me how to replicate the 2003 domain and ADS to parent server 2008.

    How can i make server 2008 as a parent domain and server 2003 as a child domain and how to replicate the server 2003 domain and ADS to server 2008.

     

    IT IS VERY URGENT CAN YOU PLEASE HELP ME.

    Thanks in advance .

    Regards,

    Suthakar
    Sunday, June 12, 2011 7:10 AM
  • Hi,

     

    What I understand is you have one domain and you want to introduce 2008 as primary ADC adn windows 2003 as secondary ADC.

    Follow the steps

    1. JOin windows 2008 in domain

    2. Run ADprep/Forest and ADprep/Domainprep on WIndows 2003.

    3. Install AD DC component from server manager in Windows 2008  and then run DCpromo command. DCpromo COmmand automatically replicates AD information from Windows 2003 to 2008.

    4. After successfully migration, transfer FSMO roles.

    5. Change the DNS IP address in DHCP to Point at the Windows 2008 server

    http://araihan.wordpress.com/2009/08/25/migrate-from-windows-2003-active-directory-to-windows-2008-active-directory-step-by-step/

     

    FSMo Roles transfer

    http://support.microsoft.com/kb/255504


    Thanks Uday Kiran,
    Senior Consultant

    Cyquent Technology Consultants, Dubai

    Please Mark as answer if it helps you
    Sunday, June 12, 2011 11:03 AM
  • Hello,

    what I have understood is that you have domain with a DC running Windows Server 2003 and that you want to create a child domain. You want also that the DC of parent domain will be Windows Server 2008 and the DC of the child domain will be Windows Server 2003.

    If this is your need, then:

    • You have to prepare your AD environment for the add of the 2008 Server DC. Details here:http://technet.microsoft.com/en-us/library/cc731188(WS.10).aspx
    • Once done, you can add an additional 2008 DC in your domain and make it a GC. Also, install DNS on it and then after AD replication, you AD-integrated zones will be replicated to it
    • transfer FSMO roles to the new DC
    • Run dcpromo on the 2003 DC to demote it
    • Run dcpromp on the 2003 demoted DC so that it will be a DC for a new child domain

    Have a look to that: http://support.microsoft.com/kb/255248

    Note that it is recommended to have at least two DC/DNS/GC servers per domain. So, in your case, you have to have at least four DCs.

    Why do you want to create a child domain?

    If it is for having multiple password policies then you use 2008 DFL and use the Fine-Grained multiple password policies.

     

     


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified IT Professional: Enterprise Administrator

    Sunday, June 12, 2011 11:07 AM
  • See my reply here: http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/f76d31c7-f799-4785-86cf-51656bd1b6fe

     

     


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified IT Professional: Enterprise Administrator

    Sunday, June 12, 2011 11:07 AM
  • Hi Suthakar07,

    I agree with Mr X's steps to introduce the 2008 as an additional DC, transfer FSMOs to it, make it a GC, then demote it and promote it as a CHild DC.

    The important part of the procedure is carefully understanding your DNS options. The article Mr X posted ( http://support.microsoft.com/kb/255248) explains how to create a Parent-Child delegation. That is one DNS design option. You can also opt to keep DNS centralized at the parent domain, and make the zone replication scope Forest Wide. However, I'm not sure what the best option would be in your case. It usually depends on the reason for creating a child domain. Normally I see some reasons such as decentralized administration due to either a merger/acquisition or international divisions with their own administrators.

    If you can elaborate on the reasons behind the need of a child domain, we can offer/recommend DNS design options that may better fit your needs.

    In the meantime, please review design opions in a multi-domain forest at the following link:

    DNS Design Options in a Multi-Domain Forest & How to create a Parent-Child DNS Delegation
    http://msmvps.com/blogs/acefekay/archive/2010/10/01/dns-parent-child-dns-delegation-how-to-create-a-dns-delegation.aspx

     

    Also, we'll see if we can get a moderating to merge this thread and the new one you posted in the Network Infrastructure Services forum at:
    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/28385620-3e44-4993-b822-11eee1595c4b

    Ace


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

     

     

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.


    • Edited by Ace Fekay [MCT] Monday, June 13, 2011 3:44 AM Added a link for DNS Design Options
    Monday, June 13, 2011 3:42 AM
  • I also replied to the other thread. Maybe we can get a moderator to merge these two threads?

    Ace


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    Monday, June 13, 2011 3:43 AM
  • Hello ,

     

    Thank you very much to very one.

    Now i have transferred the ADS , DNS rules and GP.

    I did not demote the server 2003 and still we are having 2003 ADS.

    If i shut down the server 2003 i can not able to login with users systems that showing error system could not login domain is not available.

    If the server 2003 is up we can access all the sources from server 2008 and then only i can login with users systems.

    I have done netdom query fsmo in server 2008 its showing all the rulles runing.

    what i have to do shall i demote the server 2003 ADS if i did can i able to login with server 2008 clients system.

    what i have to for login the client systems(connected with server 2008 domain) without server 2003 without power up

    please help me it is very urgent.

     

     

    Monday, June 20, 2011 1:51 PM
  • Hello,

    please see: http://social.technet.microsoft.com/Forums/en/winserverMigration/thread/ff74bc4e-196a-42b7-beb9-febfd3f4b343


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Monday, June 20, 2011 6:15 PM