
I have a forest domain chicago.example.com that contains 2 domain controllers in it, in which I had joined a 2012 Server to the forest domain called DOMAINCONTROLLER3. I plan to promote this server to a domain controller in a new domain DOMAIN2.

It is good practice to use static IPs in general when deploying any new roles on the server.

In the new domain controller DOMAINCONTROLLER3, should I use static IPs pointing to the two domain controllers in the forest? My concern is how the static IPs will have an effect on the new domain controller's communication with the forest once I promote it to a domain controller in its own new domain.

EDIT:

Hmmmm. When I run dcdiag on the child domain controller... For the Replications test I get error 0x2105 "Replication access was denied".

After doing more research, I found that it could be because I have this new domain and domain controller as a virtual machine that is running from a machine that is a part of the forest domain.

Kevin
  • `It is good practice to use static IPs in general when deploying any new roles on the server` - Resoundingly, YES. I'm not following the rest of your question though, can you elaborate? What effect do you think a static ip address will have on DC communication? – joeqwerty Dec 03 '15 at 23:07
  • @joeqwerty: I'm running into a problem where the child domain (new tree domain) can pull active directory groups from the forest domain, but not the other way around. Should the primary dns on the new dc point to itself or to the forest dc? – Kevin Dec 04 '15 at 17:27
  • @joeqwerty: I'm not sure if this helps, but I get an error that says: The following error occurred during the attempt to contact the Domain Controller %CHILDDOMAINCONTROLLER%: The RPC Server is unavailable. – Kevin Dec 04 '15 at 17:46
  • @joeqwerty: Also on the DCs in the forest, if I try to browse for Users, Contacts, and Groups in the new child domain (or tree) I get "No items match the current search". – Kevin Dec 04 '15 at 17:56
  • @joeqwerty: Hey Joe, please read my edit in the post. I'm not sure if that has something to do with it. – Kevin Dec 04 '15 at 18:43

1 Answer


As I understand your question, it seems you are asking how to set your static DNS in the IP settings for your domain controllers. In that case, the DNS for any server that is (or will become) a domain controller should be set to contact an existing domain controller for DNS. If there is already one in the domain, they should ultimately point to each other. If there is only one in a new child domain, it should point to a DC in the parent domain and also to itself.

  • I'm running into a problem where the child domain (new tree domain) can pull active directory groups from the forest domain, but not the other way around. Should the primary dns on the new dc point to itself or to the forest dc? – Kevin Dec 04 '15 at 17:06
  • I usually go with having a DC point to itself for primary and to the forest as secondary DNS. – Jennelle Crothers Dec 07 '15 at 18:13
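
A read-only PowerShell check for the DNS layout discussed in the answer and comments, added here as an example and not code from the question or the answer. It assumes `domain2.example.com` as the DNS name of DOMAIN2 and `192.0.2.10` as the address of a forest DC; both are placeholders.

```powershell
# Added example: read-only checks, nothing is changed on the server.
# Assumed values (not from the original post) - replace with your own.
$ParentDomain = 'chicago.example.com'   # forest domain named in the question
$ChildDomain  = 'domain2.example.com'   # hypothetical DNS name for DOMAIN2
$ParentDcIp   = '192.0.2.10'            # placeholder IP of a forest DC

# 1. DNS servers configured on this DC's IPv4 interfaces
$dnsServers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses | Sort-Object -Unique
$ownIps = @('127.0.0.1') + @(Get-NetIPAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty IPAddress)

$pointsToSelf   = @($dnsServers | Where-Object { $ownIps -contains $_ }).Count -gt 0
$pointsToParent = $dnsServers -contains $ParentDcIp
"DNS servers in use : $($dnsServers -join ', ')"
"Points to itself   : $pointsToSelf"
"Points to parent DC: $pointsToParent"

# 2. DC locator SRV records must resolve for both domains from this server
foreach ($domain in $ParentDomain, $ChildDomain) {
    $name = "_ldap._tcp.dc._msdcs.$domain"
    try {
        $srv = Resolve-DnsName -Name $name -Type SRV -ErrorAction Stop |
            Where-Object { $_.Type -eq 'SRV' }
        "$name -> $(($srv.NameTarget | Sort-Object -Unique) -join ', ')"
    } catch {
        "$name -> FAILED: $($_.Exception.Message)"
    }
}

# 3. "The RPC Server is unavailable": is the RPC endpoint mapper (TCP 135) reachable?
$client = New-Object System.Net.Sockets.TcpClient
try {
    $async = $client.BeginConnect($ParentDcIp, 135, $null, $null)
    $open  = $async.AsyncWaitHandle.WaitOne(3000) -and $client.Connected
    "TCP 135 to $ParentDcIp reachable: $open"
} finally {
    $client.Close()
}
```

Run it on the new DC, then on a forest DC with `$ParentDcIp` set to the new DC's address, since the symptoms in the comments appear only in one direction.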