Question : DHCP, DNS and GPO for two domains - One site

Hello All,

I have one site (one DHCP scope) and PCs that log on to two different domains (Domain A and Domain B), since we are in the process of migrating users from Domain A to Domain B. The domains trust each other.

1.  DHCP is configured to give out the IP addresses of two DNS servers for Domain A.
2.  Conditional DNS forwarders have been set up by the admin of Domain B.

Problem: The test users on Domain B cannot log on properly. Even though their PCs are joined to Domain B and they are logging on with their Domain B credentials, their PCs are trying to pick up the GPOs for Domain A users and PCs.


If I give one of the Domain B PCs a fixed IP, manually specifying the IP address of a DNS server in Domain B, all works beautifully - picks up policies for Domain B as it should.

DHCP and DNS servers for Domains A and B are all on the same IP range/subnet.
Any ideas gratefully received!

Answer : DHCP, DNS and GPO for two domains - One site

Hi there,

The most obvious problem here to me is the fact that you've got two DHCP servers on one subnet. DHCP is a low-level protocol that is indiscriminate in who it hands out IP addresses to. A client will send a broadcast asking for a DHCP address - the first DHCP server to receive the broadcast will respond - this could be either DHCP server - so it's 50/50 as to whether your clients get the right configuration (Domain A or Domain B). As soon as DHCP has given the wrong DNS server address to the client, it's all broken.

It is possible to have two domains running on the same subnet, but DHCP it isn't. The important thing is that the clients are talking to the correct DNS server, as this is what they use to locate the DC they will talk to.

This is why fixed IPs are working. The only fix I can see for this is to either split it into two subnets, or decommission one domain's DHCP server and configure its clients statically.

Tony
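
A diagnostic for the situation discussed above, added here as an example and not part of the original question or answer: run on an affected client, it reports which DHCP server issued the lease, which DNS servers the lease handed out, and whether each of those DNS servers can resolve the domain-controller locator SRV record for the domain the PC is joined to. It assumes a Windows client with the DnsClient module (Windows 8 / Server 2012 or later); the variable names are illustrative.

```powershell
# Added example: check whether the DHCP-assigned DNS servers can locate
# a domain controller for the domain this computer is joined to.

# Domain the machine is joined to, and the DC locator SRV record for it.
$domain    = (Get-CimInstance -ClassName Win32_ComputerSystem).Domain
$srvRecord = "_ldap._tcp.dc._msdcs.$domain"

# Every IP-enabled adapter, with its DHCP lease source and DNS server list.
$adapters = Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE"

$report = foreach ($adapter in $adapters) {
    foreach ($dns in $adapter.DNSServerSearchOrder) {
        $dcs   = @()
        $state = 'No SRV answer'
        try {
            # Ask this specific DNS server, bypassing the resolver cache order.
            $answer = Resolve-DnsName -Name $srvRecord -Type SRV -Server $dns `
                                      -DnsOnly -ErrorAction Stop
            $dcs = @($answer | Where-Object { $_.Type -eq 'SRV' } |
                     Select-Object -ExpandProperty NameTarget)
            if ($dcs.Count -gt 0) { $state = 'Resolved' }
        }
        catch {
            $state = "Lookup failed: $($_.Exception.Message)"
        }

        [pscustomobject]@{
            Adapter     = $adapter.Description
            DhcpEnabled = $adapter.DHCPEnabled
            DhcpServer  = $adapter.DHCPServer       # server that issued the lease
            DnsServer   = $dns
            JoinedTo    = $domain
            SrvLookup   = $state
            DomainCtrls = ($dcs -join ', ')
        }
    }
}

$report | Format-Table -AutoSize -Wrap
```

Comparing the DhcpServer column across several clients shows whether more than one DHCP server is answering on the subnet, and an unexpected address there is worth investigating as an unauthorized DHCP server.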
