Creating a New Child Domain in Windows Server 2008

Creating a New Child Domain in Windows Server 2008 R2

There are times when you need to separate or delegate some parts of your Active Directory infrastructure, and the best way in those cases is to simply create a new child domain in the existing AD forest. This way you don’t have to create trusts between the two domains; trusts are created automatically and are created in a two-way direction, meaning domain A automatically trusts domain B, and vice versa.

Before going into the topic let’s learn something about the Latest Release of Windows Server 2016

Why Add a Child Domain?

  • Less Network Traffic between your main office and the new one
  • You will be able to delegate control of the new network to another administrator who actually lives in the location of the new office.
  • The child domain will allow you to keep track what is going on in a specific Location.

Before You Begin:

1. In order to create a child domain on your network, you will need another server, or rather a Domain Controller.

You can build that DC in your main office and then ship it out to the new office. This DC will also be a Global Catalog as well as DNS Server to assist all the clients in the new office with any DNS requests, etc.

2. You also need to prepare your current network for the new sub domain. So before you begin with the new DC configuration you need to do the following:

  • Create a new site in your Active Directory that will represent the physical structure of your network. In my example our main office is in India and the new one is in Amsterdam. Based on that info, you would create a new site for the Amsterdam office.
  • In addition to the new site you will also need to Create a new subnet for your new location. It will allow you to track all of your machines by location. This new subnet should be assigned to your new location.

Once you prepare your network as mentioned above, we are now ready to create a new Domain Controller.

After you have installed Windows Server 2008 on your new machine and completed all the Initial Configuration Tasks, open up Server Manager and click on the Roles section.

Active Directory on Windows Server 2008

We will need to install the Active Directory Domain Services (ADDS) Role first. So go ahead and check the box next to it and click Next and proceed further.

Active Directory on Windows Server 2008

Review the confirmation and click on “Next”

Active Directory on Windows Server 2008

Review the installation confirmation and click on “Next”

Active Directory on Windows Server 2008

It will take few minutes to complete and when it’s done you will get this confirmation. And then click on “Close”

Active Directory on Windows Server 2008

I assume you have a proper VPN connection between the two locations, and both servers can communicate. Now we can start creating the child domain in the branch office. Do a Start > Run > dcpromo and click OK.

How To Create Additional Domain Controller (ADC) In Windows Server 2008

The Active Directory Domain Services Installation Wizard will start, either enable the checkbox beside Use Advanced mode installation and Click Next , or keep it unselected and click on Next

How To Create Additional Domain Controller (ADC) In Windows Server 2008

The Operating System Compatibility page will be displayed, take a moment to read it and click Next

How To Create Additional Domain Controller (ADC) In Windows Server 2008

Since this is going to be your child domain, make sure you select the Existing forest option and then select Create a new domain in an existing forest.

When ready, click on the Next button.

Create Child Domain in windows server 2008

Type in your domain name with the correct internet suffix. In my example I’m are using our DoubtsClear.com domain.

Since this domain already exists and you are logged in to this machine only as a local administrator you will also need to enter alternate credentials of a domain administrator in order to proceed.

So go ahead and click on the Set button.

How-To-Create-Additional-Domain-Controller-ADC-In-Windows-Server-2008-7

Enter the domain administrator’s name and password, then hit OK

How To Create Additional Domain Controller (ADC) In Windows Server 2008

When ready, click on Next.

How To Create Additional Domain Controller (ADC) In Windows Server 2008

In this step you will need to enter the Fully Qualified Domain Name (FQDN) of your child domain in two steps.

The first is the FQDN of your parent domain. In our example it is going to be DoubtsClear.com.

Next you need to enter the single-label DNS name of your child domain — that means anything that is before the DoubtsClear.com.

In my example I entered cdc for cdc.globomantics.com — as seen on the bottom.

That will be our FQDN for the new child domain. Once ready, click on the Next button.

Creating a New Child Domain in Windows Server 2008 R2

Now it’s time to select a site for this DC.

Now you see why we needed to create the new site before we started this installation. Select the correct site and click Next.

Creating a New Child Domain in Windows Server 2008 R2

As mentioned earlier we are going to make this DC be our DNS server as well as Global catalog for our new site.

Make sure both check-marks are checked and then click on the Next button.

How To Create Additional Domain Controller (ADC) In Windows Server 2008

I would recommend leaving the default locations for these databases unless you have a really good reason not to. Click Next.

How To Create Additional Domain Controller (ADC) In Windows Server 2008

In this windows you will need to setup the Directory Services Restore Mode Administrative Password for restore purposes.

Go ahead and type that in and then click on the Next button.

Moving forward, you will be asked to save a restore mode password (which is separate from the Domain Administrator’s account). As mentioned in the previous post, this password is configured to be used when the Domain Controller is started in Directory Services Restore Mode. Choose a password and click Next.

On this summary window double check your selections and when ready click Next.

Creating a New Child Domain in Windows Server 2008 R2

You can check the box Reboot on completion and let the installation complete.

Creating a New Child Domain in Windows Server 2008 R2

Read:

Congratulations! Your Child Domain has been created!

Hope This tutorial help you Guys.. Please Don’t forget to leave your comment.

Check Also

Complete GPUpdate Commands

Learn The Difference Between Gpupdate and Gpupdate [Force, Sync, Logoff, Boot, Target, Wait ]: Complete GPUpdate Commands

Group Policy plays a very important role in the Active Directory Infrastructure and as a …

One comment

  1. Easy to understand and this tempts us to work on the platform

Leave a Reply

Your email address will not be published. Required fields are marked *