How to Add Tree Domain in an Existing Forest in Windows Server 2016

How to Add Tree Domain in an Existing Forest in Windows Server 2016

In the previous article, we discussed why we add extra domains in a forest and we also configured one child domain. However, this article focuses on adding a new tree domain in an existing forest in Windows Server 2016. 
I have a small topology in the test environment and its configuration is shown in the following table.

Forest Root Domain

yourdomain.com

Forest and Domain Functional Levels

Windows Server 2016

DC of Root Domain

SRV-01.yourdomain.com

IP Address

172.16.1.4/16

New Tree Domain

mydomain.com

DC of Tree Domain

SRV-02

IP Address 

172.16.1.5/16

Prerequisites

  1. Administrator account has strong password
  2. Static IP is configured
  3. Firewall is turned off
  4. Latest updates from Microsoft are installed
  5. DNS server IP address in TCP/IPv4 properties is correct and should be pointing to DNS of domain controller of root domain (SRV-01.yourdomain.com/172.16.1.4) 

When you have installed active directory domain services ADDS role on your server, proceed with following configuration steps.

Promoting Server to a Domain Controller of New Tree Domain

Step 1. Click Promote this server to a domain controller

Step 2. Choose to Add a new domain to an existing forest, domain type, forest and new domain name. Click Change to provide the credentials of an account which is a member of enterprise admins. When you are done click Next

Step 3. Provide DSRM password. Make sure Domain Name System (DNS) and Global Catalog options are checked and click Next

Step 4. Click Next

Step 5. Click Next

Step 6. Click Next

Step 7. Click Install and wait for the configuration to finish, this can take several minutes

As soon as the configuration is successful system will prompt you to reboot. After reboot, you can log in to the domain controller of new tree domain with domain admin account.
References

  1. https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-ds/deploy/install-a-new-windows-server-2012-active-directory-child-or-tree-domain--level-200-

 

 

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish