
I'm having some trouble setting up a Child Active Directory Domain.

I started by installing Windows Server 2012 R2 on a server we will call NICK1 and installed Active Directory Domain Services on this server as domain nicholas.com. I also configured this server as the DNS server.

Now I want to add a child domain sub.nicholas.com.

Here are the steps I performed to create the child domain.

  • Install another copy of Windows Server 2012 R2 on a server we will call NICK2. Configure this server to be a child domain of NICK1's nicholas.com by doing the following:

    • Configure the Network Connection to use NICK1's DNS server.

      • (View Network Connections -> Click on your Ethernet NIC -> Properties -> Double Click your IPv4 protocol in the list -> Click “Use the following DNS Server Address” and set it to the DNS server’s IP address.)
    • Join the nicholas.com domain: Go to “View your PC name” and click “Join a domain”

      • Type the fully qualified domain name of the root active directory domain and join it. Authenticate using the root domain’s admin username/password.

      • Restart when prompted.

      • When you log back in, use the administrator/password from the root domain controller.

    • Install the Active Directory services. (Go to Server Manager -> Add roles or features -> Next -> Next -> Next -> Choose Active Directory Domain Services -> Add features -> Next -> Next -> Next -> Install. Wait for the Active Directory Domain Services to install.)

    • Promote to a domain controller and configure as a sub domain:

      • Go to server manager and Click on the yellow flag
      • Promote this server to a domain controller.
      • Select Add domain to existing forest (The FQDN of the root domain should appear automatically in Parent domain name)
      • Enter the new child domain name sub
      • Enter login credentials for administrator@nicholas.com
      • The defaults for the rest. Install.

This process completes fine and I'm able to log in to the domain controller as the new SUB\Administrator user.

But when I create a new AD user in sub.nicholas.com, I cannot log in as that user.

I also cannot log in as any sub.nicholas.com users in any other services that work with nicholas.com. For example, user@nicholas.com is able to use SharePoint, but otheruser@sub.nicholas.com cannot.

Does anyone know what steps I'm missing to make the sub.nicholas.com domain usable? My main goal is to be able to use SharePoint as a nicholas.com user or a sub.nicholas.com user.

Nicholas DiPiazza
  • Windows Server 2013 is not a thing. Typo? – Ryan Bolger Dec 05 '17 at 18:45
  • Yep, corrected. Thanks. Got it mixed up in my head with the SharePoint version I'm using. – Nicholas DiPiazza Dec 05 '17 at 18:46
  • It shouldn't make a huge difference, but you might also want to clarify whether you are referring to 2012 (the original) or 2012 R2. – Ryan Bolger Dec 05 '17 at 18:50
  • Done. I am using the R2. – Nicholas DiPiazza Dec 05 '17 at 18:50
  • Do you have client computers joined to both domains? If so can you verify/clarify which logon attempts work and which don't between domain users and domain computers? E.g., user@nicholas.com can log on to both client computers but user@sub.nicholas.com can only log on to the computer joined to the sub domain or to neither one. – Todd Wilcox Dec 05 '17 at 18:54
  • @ToddWilcox I didn't know you could join both domains from the client machine. That might be the step I'm missing. – Nicholas DiPiazza Dec 05 '17 at 18:55
  • I meant two separate computers, one joined to each domain. One computer cannot be joined to more than one domain, no. – Todd Wilcox Dec 05 '17 at 18:56
  • Let me try to configure a computer joined to the sub domain and see if I can log in there. I'm guessing that will work. I also edited my question with my main intention - to be able to use SharePoint as a nicholas.com user or a sub.nicholas.com user. When done I will edit my question with the clarifications you requested. – Nicholas DiPiazza Dec 05 '17 at 18:57
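
The GUI steps in the question correspond to the PowerShell below, shown as an added example that is not part of the original post or its comments, followed by read-only checks of the new child domain. The DNS address `192.0.2.10` and the adapter alias `Ethernet` are placeholders, since the question does not give them; the script name and the `-Stage` parameter are hypothetical.

```powershell
# Added example (not from the original post). Run elevated on NICK2,
# once per stage, e.g. .\child-domain.ps1 -Stage Join (the server reboots between stages).
param([ValidateSet('Join', 'Promote', 'Verify')][string]$Stage = 'Verify')

$ParentDomain = 'nicholas.com'              # from the question
$ChildLabel   = 'sub'                       # from the question
$ChildDomain  = "$ChildLabel.$ParentDomain"
$ParentDns    = '192.0.2.10'                # placeholder for NICK1's IP address
$NicAlias     = 'Ethernet'                  # assumed adapter name

switch ($Stage) {
    'Join' {
        # Use NICK1 as the DNS server, then stop if the parent domain's
        # DC locator records do not resolve through it.
        Set-DnsClientServerAddress -InterfaceAlias $NicAlias -ServerAddresses $ParentDns
        Resolve-DnsName "_ldap._tcp.dc._msdcs.$ParentDomain" -Type SRV -ErrorAction Stop | Out-Null

        # Join nicholas.com with the root domain's administrator account.
        $cred = Get-Credential -Credential "administrator@$ParentDomain"
        Add-Computer -DomainName $ParentDomain -Credential $cred -Restart
    }
    'Promote' {
        # Same role the Server Manager wizard installs.
        Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

        # "Add a new domain to an existing forest" as a child domain;
        # everything not listed here is left at the cmdlet's defaults.
        $cred = Get-Credential -Credential "administrator@$ParentDomain"
        $dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'
        Install-ADDSDomain -NewDomainName $ChildLabel -ParentDomainName $ParentDomain `
            -DomainType ChildDomain -Credential $cred -SafeModeAdministratorPassword $dsrm
    }
    'Verify' {
        # The child domain exists and reports nicholas.com as its parent.
        Get-ADDomain -Identity $ChildDomain | Select-Object DNSRoot, NetBIOSName, ParentDomain

        # The parent-child trust created during promotion.
        Get-ADTrust -Filter * | Select-Object Name, Direction, IntraForest

        # Child-domain DC records as seen through NICK1's DNS server, which is
        # what members of nicholas.com use to locate a sub.nicholas.com DC.
        Resolve-DnsName "_ldap._tcp.dc._msdcs.$ChildDomain" -Type SRV -Server $ParentDns

        # DC locator result for the child domain from this machine.
        nltest /dsgetdc:$ChildDomain
    }
}
```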
