Discussion:
Child domain versus a new domain tree in an existing forest
(too old to reply)
Shawn Conaway
2006-11-08 17:55:02 UTC
Permalink
Does anyone know the functional differences between creating a child domain
and creating a new domain in an existing forest? I know that with a child
domain, the DNS domain will be nexted under its parent. Since the trusts in
a forest are all transitive, all the domains in a forest trust each other,
I'm thinking that group policy may be the only significant difference.
T. Uranjek
2006-11-08 18:15:07 UTC
Permalink
Hi!

Why would be any difference in group policy mechanism between new tree or
child domain in existing tree? You can link GPO to sites (which can contain
more than one domain) to domain (but GPO are not inherited to child domain)
or OUs.

Apart from contiguous name space I cannot see difference between new tree or
child domain.

HTH

Toni
Post by Shawn Conaway
Does anyone know the functional differences between creating a child domain
and creating a new domain in an existing forest? I know that with a child
domain, the DNS domain will be nexted under its parent. Since the trusts in
a forest are all transitive, all the domains in a forest trust each other,
I'm thinking that group policy may be the only significant difference.
jx
2006-11-08 18:13:02 UTC
Permalink
You may be referencing to the child domain and domain tree. A forest can
have multiple contiguous separate trees as well e.g. abc.contoso.com |
yyy.contoso.com | zzz.contoso.com. The transitivity exists between the
child and the parent.
HTH
Post by Shawn Conaway
Does anyone know the functional differences between creating a child domain
and creating a new domain in an existing forest? I know that with a child
domain, the DNS domain will be nexted under its parent. Since the trusts in
a forest are all transitive, all the domains in a forest trust each other,
I'm thinking that group policy may be the only significant difference.
Joe Richards [MVP]
2006-11-09 05:36:55 UTC
Permalink
For pure AD functionality there is no difference. From the standpoint of
confusion and broken scripts and applications it is far more likely a
new tree will cause issues. I absolutely do not recommend multiple trees
in a forest as I have yet to have seen a good reason for it and have
seen lots of problems.

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm
Post by Shawn Conaway
Does anyone know the functional differences between creating a child domain
and creating a new domain in an existing forest? I know that with a child
domain, the DNS domain will be nexted under its parent. Since the trusts in
a forest are all transitive, all the domains in a forest trust each other,
I'm thinking that group policy may be the only significant difference.
Continue reading on narkive:
Loading...