{"id":24503,"date":"2021-04-17T01:53:18","date_gmt":"2021-04-17T01:53:18","guid":{"rendered":"http:\/\/matthewjrodgers.com\/?p=24503"},"modified":"2021-05-11T10:52:20","modified_gmt":"2021-05-11T15:52:20","slug":"microsoft-windows-active-directory-creating-a-multi-domain-multi-site-domain","status":"publish","type":"post","link":"https:\/\/matthewjrodgers.com\/?p=24503","title":{"rendered":"Microsoft Windows Active Directory: creating a multi-domain, multi-site domain"},"content":{"rendered":"\n<p>While taking&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/app.pluralsight.com\/library\/courses\/windows-server-2016-manage-maintain-ad-domain-services\/table-of-contents\" target=\"_blank\">this<\/a>&nbsp;Pluralsight course, I followed along by creating a Windows Active Directory Domain like the one demonstrated in the course. I am hosting this in Hyper-V on my localhost. Below I showcase my implementation.<\/p>\n\n\n\n<p>Here is the site topology for the domain controllers in the Company.pri domain.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"345\" height=\"298\" src=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/sites-and-services-overview.png\" alt=\"\" class=\"wp-image-24504\" srcset=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/sites-and-services-overview.png 345w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/sites-and-services-overview-300x259.png 300w\" sizes=\"(max-width: 345px) 100vw, 345px\" \/><\/figure>\n\n\n\n<p>Since Hyper-V doesn\u2019t provide routers at the hypervisor level, there isn\u2019t a way to route traffic between subnets. 
So, I created and set up a Remote Access Server which has the routing role enabled.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"145\" src=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/rras-1024x145.png\" alt=\"\" class=\"wp-image-24505\" srcset=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/rras-1024x145.png 1024w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/rras-300x42.png 300w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/rras-768x109.png 768w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/rras-982x139.png 982w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/rras-400x57.png 400w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/rras.png 1351w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>One of the domain controllers is Read-Only. Ideally, it would be placed in its own site, as the course explains, but wasn\u2019t implemented that way in the course.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"648\" height=\"191\" src=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/aduc-rodc.png\" alt=\"\" class=\"wp-image-24506\" srcset=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/aduc-rodc.png 648w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/aduc-rodc-300x88.png 300w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/aduc-rodc-400x118.png 400w\" sizes=\"(max-width: 648px) 100vw, 648px\" \/><\/figure>\n\n\n\n<p>And finally, I created a completely separate domain, othercompany.pri, and created a two-way transitive forest-to-forest trust between company.pri and othercompany.pri. 
As part of this, I needed to create a DNS conditional forwarder in each domain, so both domains can resolve DNS queries for records in the other\u2019s domain.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"548\" height=\"503\" src=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/trusts.png\" alt=\"\" class=\"wp-image-24507\" srcset=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/trusts.png 548w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/trusts-300x275.png 300w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/trusts-400x367.png 400w\" sizes=\"(max-width: 548px) 100vw, 548px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"558\" src=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/dns-conditional-forwarder-to-othercompany-domain-1024x558.png\" alt=\"\" class=\"wp-image-24508\" srcset=\"https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/dns-conditional-forwarder-to-othercompany-domain-1024x558.png 1024w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/dns-conditional-forwarder-to-othercompany-domain-300x163.png 300w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/dns-conditional-forwarder-to-othercompany-domain-768x418.png 768w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/dns-conditional-forwarder-to-othercompany-domain-982x535.png 982w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/dns-conditional-forwarder-to-othercompany-domain-400x218.png 400w, https:\/\/matthewjrodgers.com\/wp-content\/uploads\/2021\/04\/dns-conditional-forwarder-to-othercompany-domain.png 1076w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>And that\u2019s it for this post! 
Thank you for reading!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>While taking&nbsp;this&nbsp;Pluralsight course, I followed along by creating a Windows Active Directory Domain like the one demonstrated in the course. I am hosting this in Hyper-V on my localhost. Below I showcase my implementation. Here is the site topology for the domain controllers in the Company.pri domain. Since Hyper-V doesn\u2019t provide routers at the hypervisor&hellip; <a href=\"https:\/\/matthewjrodgers.com\/?p=24503\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Microsoft Windows Active Directory: creating a multi-domain, multi-site domain<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[5,4],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=\/wp\/v2\/posts\/24503"}],"collection":[{"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=24503"}],"version-history":[{"count":2,"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=\/wp\/v2\/posts\/24503\/revis
ions"}],"predecessor-version":[{"id":24582,"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=\/wp\/v2\/posts\/24503\/revisions\/24582"}],"wp:attachment":[{"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=24503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=24503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/matthewjrodgers.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=24503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}