Re: How to create an additional domain

Hi
Inline
I have a full AD Network hosted as (lets say) abc.com. Everything
works. Now I need to literally split this into two independant
domains; abc.com and xyz.com. Each will have their own exchange
servers and so on and must remain separate in terms of security.

Hum... Security needs??? That's why you need to create a new domain? Can you
share with us these security needs?
I'm only asking because I think that you migh be on the wrong path.

How do I do this? If I go into AD Domains and Trusts, I can't create
a new domain; there's no option for it.
Not sure what do you mean - Are you trying to create a new domain or a
trust?

Do I have to create an entirely new AD configuration on a separate
server? I keep finding tons of articles telling me I can do this (2
AD domains on one physical network) but can't find anything that tells
me HOW to do it.

actually you can have multiple forests in same physical network... So the
question above remains.

How do I add xyz.com to the forest abc.com? Ot do I create a new
forest? Or.... the thousands of documents on it are confusing me to
no end.

what the xyz.com represents? A different forest, a NT4 Domain, a domain in
existent Forest?


--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Fred Flintstone" <idontthinkso@xxxxxxxxxx> wrote in message
news:h19rf2ldfohjja6fq699q11spm70q36rqj@xxxxxxxxxx
Hi!

I have a full AD Network hosted as (lets say) abc.com. Everything
works. Now I need to literally split this into two independant
domains; abc.com and xyz.com. Each will have their own exchange
servers and so on and must remain separate in terms of security.

How do I do this? If I go into AD Domains and Trusts, I can't create
a new domain; there's no option for it.

Do I have to create an entirely new AD configuration on a separate
server? I keep finding tons of articles telling me I can do this (2
AD domains on one physical network) but can't find anything that tells
me HOW to do it.

How do I add xyz.com to the forest abc.com? Ot do I create a new
forest? Or.... the thousands of documents on it are confusing me to
no end.

Any help much appreciated, thanks!



.

Relevant Pages

  • RE: Microsoft Active Directory security concerns
    ... for your DMZwith no trusts between it and your internal forest. ... limit the traffic from your DMZ web servers into the internal network. ... shuffling existing accounts into your new domain anyway. ... I have spent most of my time in network security and IDS/IPS technology ...
    (Security-Basics)
  • Re: Active Directory Design
    ... separate forest or a Workgroup envoirenment ... Don't create child domains for this because you can be very sorry, ... domains aren't security boundaries. ... I agree making them stand alone servers in their own workgroup or a separate ...
    (microsoft.public.windows.server.active_directory)
  • Re: Protected Forest with One Child domain
    ... All servers are Win2K3. ... The forest is in native mode. ... I have setup my child domains to conditionally forward to the forest domain ... I can click on the root of the forest (in dns) and then ...
    (microsoft.public.windows.server.dns)
  • Re: Need urgent help regarding security
    ... There is plenty of security info out there ... email from even a dozen servers is small. ... an OS version upgrade should not be taken lightly. ... Given that your root password was apparently found on the servers, ...
    (freebsd-questions)
  • [Full-Disclosure] w32.frethem.k@mm and good reading
    ... Script kiddies deface websites. ... only obfuscating your own perception of security. ... >> vulnerabilities in a particular operating system or server software ... >> Imagine a custom operating system used by only a few servers, ...
    (Full-Disclosure)
Quantcast