Published: Nov 14, 2024
In this guide I’ll show you how to add a child domain to an existing forest. If you have, for example, contoso.com as your single Active Directory forest domain, you may want to add some logical separation. You can add a child domain, corp.contoso.com, to your forest during the DC promotion wizard.
This article applies to: Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025.
This scenario requires you to have an existing domain/forest already in your environment. For example, reinders.local is my forest-root domain. It was built when I created (promoted) my first domain controller (DC) in my lab environment.
All we need to do is build another Windows Server 2022 Datacenter server and confirm it has LAN access to our existing domain. I’ve built another one of these servers and named it WS22-CHILD-DC01.
Remember, the wizard asks only for the first part of the new domain name. If you type in ‘corp.reinders.local,’ it will give you an error. Enter just the beginning part, and the wizard will automatically build the full DNS name, ‘corp.reinders.local’.
You will undoubtedly need to choose a functional level in your test and/or production environments. My advice: choose a level as high as you can. (Note: Windows Server 2025 is the highest possible level at this time.)
We can verify everything on the Prerequisites Check screen, and after doing that we’re ready for launch.
While the installation runs, we can see objects replicating from reinders.local to our new child domain, corp.reinders.local.
After the server rebooted, I logged into WS16-DC1, one of my DCs in our parent domain – reinders.local. I opened Active Directory Users and Computers (ADUC), right-clicked on the reinders.local domain tree, and clicked Change Domain…
To verify a few more things, I clicked the Domain Controllers folder and there’s our new domain controller – WS22-CHILD-DC01. Very good.
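The same promotion and the follow-up checks can be scripted with the ADDSDeployment and ActiveDirectory cmdlets. This is an added example, not part of the original walkthrough; the NetBIOS name, the DNS choice, the WinThreshold functional level and the credential prompts are assumptions, so adjust them to match what you picked in the wizard.

```powershell
# Added example, not from the original guide. Run elevated on WS22-CHILD-DC01.
# Assumed (not stated in the guide): NetBIOS name CORP, DNS on the new DC,
# functional level WinThreshold (Windows Server 2016), Enterprise Admins credential.
param([switch]$Verify)   # run again with -Verify after the post-promotion reboot

$parent = 'reinders.local'
$child  = 'corp'          # first label only, exactly as the wizard expects
$fqdn   = "$child.$parent"

if ($Verify) {
    # The new DC should be listed in the child domain.
    Get-ADDomainController -Filter * -Server $fqdn |
        Select-Object Name, Domain, Site, IsGlobalCatalog
    # The parent-child trust is created automatically: two-way and intra-forest.
    $trust = Get-ADTrust -Filter "Name -eq '$fqdn'" -Server $parent
    $trust | Select-Object Name, Direction, IntraForest
    if (-not $trust -or "$($trust.Direction)" -ne 'BiDirectional' -or -not $trust.IntraForest) {
        Write-Warning "Unexpected trust state for $fqdn; review before relying on it."
    }
    return
}

Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools | Out-Null

$params = @{
    NewDomainName                 = $child
    ParentDomainName              = $parent
    DomainType                    = 'ChildDomain'
    DomainMode                    = 'WinThreshold'   # assumption; pick the highest level your DCs support
    NewDomainNetbiosName          = 'CORP'           # assumption
    InstallDns                    = $true            # assumption
    Credential                    = Get-Credential -Message "Enterprise Admins account in $parent"
    SafeModeAdministratorPassword = Read-Host -AsSecureString -Prompt 'DSRM password'
}

# Same role as the wizard's Prerequisites Check screen; stop on any error.
$results = Test-ADDSDomainInstallation @params
$results | Format-Table Context, Status, Message -Wrap
if ($results | Where-Object { "$($_.Status)" -eq 'Error' }) {
    throw 'Prerequisite check failed; not promoting.'
}

# Promotes the server and reboots it when finished.
Install-ADDSDomain @params -Force
```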