Active directory: How to set up a child domain

Configuration and validation


It is necessary to make sure that the domains can solve the different DNS records, for that it is necessary to add conditional forwarders.

Parent domain

1. Open the DNS console and verify that a folder with the child domain name 1 is present.

Console DNS

2. Right-click Conditional Redirectors 1 and click New Conditional Redirector … 2 .

Nouveau redirecteur

3. Enter the DNS name 1 , add the IP address of the child domain controller 2 and click OK 3 .

Configuration du redirecteur

4. The redirector is added to link to the child domain 1 .

Redirecteur ajouté

Child domain

Do the same thing on the child controller with the parent domain.

Redirecteur domaine enfant

Active Directory Sites and Services

On the parent domain, open the console and check that in the site created 1 , in the folder Server 2 is the domain control 3 and the replication link 4 .

Vérification lien de réplication

Group Strategy

It is possible in the console to display the group policies of the other domains of the forest and to link them to another.

1. From the console, right click on Domain 1 and click on Show domains 2 .

GPO sélection domaine

2. Choose the domains to display 1 > and click OK 2 .

Choisir les domaines

3. Both domains are manageable in console 1 .

Domaine ajoute

Active Directory Domains and Trusts

1. On the parent controller open the console and verify that there is a link between the two domains (presence in the console) 1 .

Vérification approbation

2. (optional) Open the properties of each domain and validate the Parent / Child link.

FSMO Roles

1. On the child domain control (NY), open a command window and enter the following command:netdom query fsmo

2. It can be seen that 3 roles are carried on the DC of the child domain and the other two on the DC of the parent domain, which is normal because two FSMO roles are unique in the AD forest.

Vérification rôle FSMO