Active Directory-Urgent Help

G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Dear All,

My company name is
ASKA.COM

and it has 4 companies as well.

they have 4 register domains for them in XO, with an E-mails for them.


Now, ASKA is in ONE OFFICE in SAUDI ARABIA, JEDDAH with 20 users.

they are working with Workgroup, no any domains.

they asked me to make a Domain - internal- for them . I Maked already
without any Problem.

Now, they informed me , another company came and will share with us the same
office , but they will be in speareate office.

we will have one ERP from microsoft-AXAPTA- and it will installed on ASKA.

Now they want to create another domain for that company, i told them i will
make as child domain from ASKA, But they refused.

they asked me to make it as sperate Domain like that :-

( ALFA.COM), and they want to access all of the resource which is under ASKA.


Now , My question is :-

1. if i made them NEW DOMAIN TREE- in the EXsisting FOREST- with SAME
IP-Address as DOMAIN ASKA, ( ASKA IS 192.168.1.1-20 / 24 & ALFA will be also
192.168.1.21-128 / 24 ), do you think i Need to make Trust Relationship,
between 2 domains to let them access resource in each other , or the Trust
Relation Ship will be created automatically without any thing from me ?

2. what will happen for the abuve senario, BUT Only i will change the
IP-Address for 2 domains, ( ASKA will be 192.168.1.1-20 / 24 ) & ( ALFA will
be 10.1.8.1 / 24 ), do you think i Need to make Trust Relationship, between 2
domains to let them access resource in each other , or the Trust Relation
Ship will be created automatically without any thing from me ? and how can i
le them communicate with Different IP_Address?


3- what is the different between if i make the New Company domain as NEW
forest , and if i made New Domain Tree & if i made Child Domain ? what is the
Best ?

Can you Please Help me in that
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:EEF5BC19-63FD-4D4E-BAE2-F79608BD6E3D@microsoft.com,
Medo_in_Egypt <MedoinEgypt@discussions.microsoft.com> stated, and I replied
below:
> Dear All,
>
> My company name is
> ASKA.COM
>
> and it has 4 companies as well.
>
> they have 4 register domains for them in XO, with an E-mails for them.
>
>
> Now, ASKA is in ONE OFFICE in SAUDI ARABIA, JEDDAH with 20 users.
>
> they are working with Workgroup, no any domains.
>
> they asked me to make a Domain - internal- for them . I Maked already
> without any Problem.
>
> Now, they informed me , another company came and will share with us
> the same office , but they will be in speareate office.
>
> we will have one ERP from microsoft-AXAPTA- and it will installed on
> ASKA.
>
> Now they want to create another domain for that company, i told them
> i will make as child domain from ASKA, But they refused.
>
> they asked me to make it as sperate Domain like that :-
>
> ( ALFA.COM), and they want to access all of the resource which is
> under ASKA.
>
>
> Now , My question is :-
>
> 1. if i made them NEW DOMAIN TREE- in the EXsisting FOREST- with SAME
> IP-Address as DOMAIN ASKA, ( ASKA IS 192.168.1.1-20 / 24 & ALFA will
> be also 192.168.1.21-128 / 24 ), do you think i Need to make Trust
> Relationship, between 2 domains to let them access resource in each
> other , or the Trust Relation Ship will be created automatically
> without any thing from me ?
>
> 2. what will happen for the abuve senario, BUT Only i will change the
> IP-Address for 2 domains, ( ASKA will be 192.168.1.1-20 / 24 ) & (
> ALFA will be 10.1.8.1 / 24 ), do you think i Need to make Trust
> Relationship, between 2 domains to let them access resource in each
> other , or the Trust Relation Ship will be created automatically
> without any thing from me ? and how can i le them communicate with
> Different IP_Address?
>
>
> 3- what is the different between if i make the New Company domain as
> NEW forest , and if i made New Domain Tree & if i made Child Domain ?
> what is the Best ?
>
> Can you Please Help me in that

This depends on security requirements. If you create a separate tree, no
matter what IP range is being used, the intra-forest trust will be
automatically created and exist between the trees so no trusts are required
to be made. Then all you would need to do is allow permissions to resources
for whomever needs access.

Of course, if the other tree will be in a remote location, then we cannot
use the same IP range, unless you are bridging the two networks.

If you create a domain in a separate forest, then you will need to create a
trust. If both forests are in Win2003 Full Functional mode, then you can
make a forest trust. If not, you can create an old-style NTLM trusts between
the domains. After you'be done that, you then would need to allow
permissions to resources for whomever needs access.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================