1

I'm combining two active directory forests for consolidation purposes. The first step is by creating a forest trust between subdomain2.subdomain1.rootdomain.com and subdomain1.rootdomain.com.

A colleague is telling me this is tricky or impossible because of poor planning. subdomain1 will think/assume subdomain2.subdomain1 should already belong to it.

Is this the mountain I'm being told it is or is it a molehill?

Mark Henderson
  • 68,823
  • 31
  • 180
  • 259
D. Pannone
  • 11
  • 1
  • It isn't clear to me what you're trying to accomplish. If subdomain2 is a child domain of subdomain1 then there already exists a Parent-Child trust between them. Can you explain in more detail what you're trying to do? – joeqwerty Apr 12 '18 at 16:36
  • I believe it's not technically a child subdomain. I believe it's a seperate fqn for that domain. They were setup independently and unaware of the others existance. I am try to absorb all the resources/users from subdomain2.subdomain1.rootdomain.com and manage them with admins from subdomain1.rootdomain.com – D. Pannone Apr 12 '18 at 16:42
  • I'm confused. subdomain2 is either in the same Forest as subdomain1 and is a child domain of subdomain1 or it isn't. Can you tell us exactly what you're dealing with? Are subdomain1 and subdomain2 in the same Forest? – joeqwerty Apr 12 '18 at 16:45
  • Excuse my ignonorance. They are two separate forests. – D. Pannone Apr 12 '18 at 17:04
  • OK. I was coming to that conclusion after reading your comments. Can you explain exactly what it is you're trying to do? You can't combine two AD Forests so what is it you're trying to accomplish? Are you trying to create a Forest Trust between the two? – joeqwerty Apr 12 '18 at 17:08
  • yes a bidirectional forest trust. – D. Pannone Apr 12 '18 at 17:49
  • Just make sure DNS is configured properly, shouldn't be an issue. – Jacob Evans Apr 13 '18 at 01:55

1 Answers1

2

A dns sub domain doesn’t automatically mean trust. Should work.

Konrads
  • 870
  • 2
  • 20
  • 40
  • Thankyou, I was aware that subdomain doesn't imply trust. But I'm told since it is technically external but with a domain that is a subdomain name of the first that there will be a giant issue. – D. Pannone Apr 12 '18 at 16:36
  • OK, so it's sounds like you're talking about two different Forests and there are identically named domains in each forest. In that case then you're likely to have issues with Name Suffix routing across the Forest Trust (if you create a Forest Trust). – joeqwerty Apr 12 '18 at 16:50