Re: best dns config for new tree in forest
- From: "Eric Darby" <eric@xxxxxxxxxxx>
- Date: Thu, 28 Jun 2007 09:26:35 -0400
thats true. I also have 1 other gripe. the previous admin named the forest
[company].ent.
I would like to name it [company].com and have a forest root container.
I figure if i make a new tree then I can have my .com domain and still have
the root.
"Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
news:OsJ1xAPuHHA.1052@xxxxxxxxxxxxxxxxxxxxxxx
"Eric Darby" <eric@xxxxxxxxxxx> wrote in message
news:%23A5wBhLuHHA.768@xxxxxxxxxxxxxxxxxxxxxxx
because all of the other domains are child domains of the forest root. I
want to start a new tree to make sure the policies and permissions are
all clean.
Policies can be reset with DCGPOfix.exe
Having to manage all the permissions and owership on existing
resources will be much uglier than just reseting permissions.
--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)
"Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
news:ewEa2xFuHHA.576@xxxxxxxxxxxxxxxxxxxxxxx
"Eric Darby" <eric@xxxxxxxxxxx> wrote in message
news:%23BcT9iDuHHA.3640@xxxxxxxxxxxxxxxxxxxxxxx
i am in the process of flattening my domain and have created a new
domain tree to migrate all of my child domains into.
Why not just migrated into ONE of the existing domains?
On the new Domain what is the best way to configure the AD Integrated
DNS?
On the new domain? Is it in a new forest? (IF NOT you cannot get
rid of all the old domains anyway.)
If it is in a new forest there is only ONE way to setup AD Integrated
DNS
that really makes much sense with 2003, and literally only one choice if
you have 2000 DNS-DCs.
Use either All DNS-DCs in the Domain, or use ALL DCs (if you have
2000 DCs).
If you have more than one Domain in that forest (or it's in the current
forest with the other domains) then you could theoretically use All
DNS-DCs
in Forest.
This is not the key design problem.
I need to see the forest root and child domains of the old tree while
making the transition.
The key problem is having a way for the new domain to find (all of) the
old domains, and a way for the old domains to find the new one which
being in a new tree implies they cannot use the same rooted hierarchy
and you will either have to hold "cross secondaries" or "cross stubs"
for the OTHER Trees -- or you can use Conditional Forwarding on
each side.
Should I have replication to All DNS servers in the AD forest?
That works if the new domain is in the same forest -- but then you
will always have at least one of the current domains (cannot remove
it) plus the new domain.
The forest root domain is going to remain and it is currently set to
replicate to All DNS servers in the AD forest.
If you do it this way you have more efficient replication in most cases.
If your domains are small it will practically always be a good choice.
--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)
.
- Follow-Ups:
- Re: best dns config for new tree in forest
- From: Herb Martin
- Re: best dns config for new tree in forest
- References:
- best dns config for new tree in forest
- From: Eric Darby
- Re: best dns config for new tree in forest
- From: Herb Martin
- Re: best dns config for new tree in forest
- From: Eric Darby
- Re: best dns config for new tree in forest
- From: Herb Martin
- best dns config for new tree in forest
- Prev by Date: Re: W2003 DNS Event 4515
- Next by Date: Re: best dns config for new tree in forest
- Previous by thread: Re: best dns config for new tree in forest
- Next by thread: Re: best dns config for new tree in forest
- Index(es):
Relevant Pages
|
