Replication

Question

Hello all,&nbsp;I have a question about replication. I have a Parent and 3 child domains. "domain.com" being the parent and dev.domain.com, test.domain.com and prod.domain.com being the children. We are having security discussions from a design stand point and the goal is not having the children domain controllers replicate to or from each other. I am in Sites and Services and under "Default First Site name&gt; Servers are all of the domain controllers, 2 per domain.&nbsp;1. Is this realistically achievable?2. How much of a lift will it take to get this to work?&nbsp;I am a VM and storage administrator/engineer so my knowledge in active directory is very limited.

dave patrick · Answer

1. Is this realistically achievable?
&nbsp;

Probably not. Read on here.&nbsp; &nbsp;&nbsp;
Active Directory Replication Concepts | Microsoft Learn&nbsp; &nbsp;
&nbsp;
&nbsp;

dave patrick · Answer

alacard052003&nbsp;just checking if there's any progress or updates? please don't forget to mark helpful replies.&nbsp;&nbsp;
&nbsp;
&nbsp;

alban1998 · Answer

Hello,That's not a good idea. Don't expect tight security within a forest - this is by design.You may either create separate forests (without trust relationships), or just create a single domain, single forest with separate OU for dev, test and prod, then apply a hardening/delegation model to it (best option).

Forum Discussion

Replication

Share

Resources