Child Domain

Domain Information

Setting	Value
Domain Name	corp.microsoftlab.ch
NetBIOS Name	CORP
Parent Domain	microsoftlab.ch
Domain Mode	Windows Server 2025
Domain Controller	srv-dcc-zrh-01
IP Address	10.30.30.15

Pre-Installation

# Set static IP
New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress 10.30.30.15 -PrefixLength 24 -DefaultGateway 10.30.30.1
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 10.30.30.10

# Set hostname
Rename-Computer -NewName "srv-dcc-zrh-01" -Restart

# Install AD DS role
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools

Installation Script

Install-ADDSDomain `
    -CreateDnsDelegation:$true `
    -Credential (Get-Credential "MSLAB\Administrator") `
    -DatabasePath "C:\Windows\NTDS" `
    -DomainMode "Win2025" `
    -DomainType "ChildDomain" `
    -NewDomainName "corp" `
    -ParentDomainName "microsoftlab.ch" `
    -NewDomainNetbiosName "CORP" `
    -InstallDns:$true `
    -LogPath "C:\Windows\NTDS" `
    -SysvolPath "C:\Windows\SYSVOL" `
    -NoRebootOnCompletion:$false `
    -Force:$true

Post-Installation DNS

Child DC DNS Settings:

# Child DC points to itself
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 127.0.0.1

Update Forest Root DC:

# On srv-dc-zrh-01 - Add child DC as secondary
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 10.30.30.15, 127.0.0.1

Trust Relationship

Automatic two-way transitive trust:

# Verify trust
Get-ADTrust -Filter *

# Expected:
# Source: corp.microsoftlab.ch
# Target: microsoftlab.ch
# Direction: BiDirectional
# TrustType: ParentChild

FSMO Roles (Child Domain)

Role	Location
PDC Emulator	srv-dcc-zrh-01.corp.microsoftlab.ch
RID Master	srv-dcc-zrh-01.corp.microsoftlab.ch
Infrastructure Master	srv-dcc-zrh-01.corp.microsoftlab.ch

Forest-level roles remain on srv-dc-zrh-01.

Joining Computers to Child Domain

Add-Computer -DomainName "corp.microsoftlab.ch" -NewName "srv-xxx-zrh-01" -Credential (Get-Credential "CORP\Administrator") -Restart