Re: Multiple Forests using One Active Directory Server
From: Mike Brannigan [MSFT] (mikebran_at_online.microsoft.com)
Date: 12/01/04
- Next message: Juan: "Re: Replication Errors after DC restore"
- Previous message: Tony WONG: "Re: Unable to remove the Domain Controller"
- In reply to: mutegeek: "Multiple Forests using One Active Directory Server"
- Next in thread: Søren Lassen: "Re: Multiple Forests using One Active Directory Server"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 1 Dec 2004 08:59:51 -0000
"mutegeek" <mutegeek@discussions.microsoft.com> wrote in message
news:04157C21-F65E-4390-A25A-E5B02801F2B2@microsoft.com...
> What I have been trying to figure out is whether it is possible to create
> multiple forests on one active directory server. The problem of creating
> new
> forests is trivial if one uses multiple computers, thus multiple instances
> of
> Active Directory. But such seems a needless exercise given that forests
> and
> domains in AD are abstract objects that do not necessarily relate to
> internet
> domains; even though the setup wizard suggests there is a one-to-one
> correspondance.
>
> Curious if anyone has considered it, or maybe done it. Short of hacking my
> way through AD I've not found a way, or reference that suggests it can be
> done.
If you wish to host multiple forest or even domains (since an single domain
can be a forest, the degenerative case), you will need to run multiple
instances of Windows Server. You can do this using Virtual Sever 2005.
This will require that you purchase a license for Windows Server for each
Virtual Machine you install it to.
The Instance of Active Directory on each DC is done so as part of the LSASS
(Local security authority subsystem) process. This is a core kernel level
process and it is intrinsically linked to the security subsystems of the
operating system. It is not possible to instantiate multiple instances of
LSASS - hence only one Active Directory per DC.
It is not possible to "hack you way through AD" to change this.
-- Regards, Mike -- Mike Brannigan [Microsoft] This posting is provided "AS IS" with no warranties, and confers no rights Please note I cannot respond to e-mailed questions, please use these newsgroups "mutegeek" <mutegeek@discussions.microsoft.com> wrote in message news:04157C21-F65E-4390-A25A-E5B02801F2B2@microsoft.com... > What I have been trying to figure out is whether it is possible to create > multiple forests on one active directory server. The problem of creating > new > forests is trivial if one uses multiple computers, thus multiple instances > of > Active Directory. But such seems a needless exercise given that forests > and > domains in AD are abstract objects that do not necessarily relate to > internet > domains; even though the setup wizard suggests there is a one-to-one > correspondance. > > Curious if anyone has considered it, or maybe done it. Short of hacking my > way through AD I've not found a way, or reference that suggests it can be > done.
- Next message: Juan: "Re: Replication Errors after DC restore"
- Previous message: Tony WONG: "Re: Unable to remove the Domain Controller"
- In reply to: mutegeek: "Multiple Forests using One Active Directory Server"
- Next in thread: Søren Lassen: "Re: Multiple Forests using One Active Directory Server"
- Messages sorted by: [ date ] [ thread ]
