Hi all, is it possible to have two AD domains, let's say first.local and secound.local in the same forest?

Simple answer: Yes. The domain just need to be in the same Active Directory database. Richard Mueller - MVP Directory Services

Hi Andrea - Welcome to the forums, To answer your question - Yes, you can have more than one domain in a single forest. Adding a new domain to AD will establish a two way trust between the two domains thus giving you seamless functionality between the two. It may be worth while reading the following sites: · http://www.microsoft.com/download/en/details.aspx?id=21678 (Best Practices for Delegating Active Directory Administration - Administration implications of having Multiple domains within your organisation) · http://technet.microsoft.com/en-us/library/cc780856(WS.10).aspx (Active Directory Domains) · http://technet.microsoft.com/en-us/library/cc739693(WS.10).aspx (Active Directory Trust transitivity) Few Extra points: · Domains running Functional levels lower than Server 2008 can only support one password/lockout policy · Adding domains to a single forest is likely to increate administrative and hardware costs - Each domain must be support by at least two domain controllers · Having a second domain is not a security boundary - There is still the possibly to cause forest wide damage. I hope this helps in making your decision... Regards, Patrick SPatrick Squire - http://www.msblog.org

Yes that is possible. The easisest way to do so would probably be to have third (possible empty) rootdomain called "local". http://technet.microsoft.com/en-us/library/cc755782(WS.10).aspxMCP/MCSA/MCTS/MCITP

FYI..Empty root domain concept is an old recommendation. It is not recommended anymore. Here is another thread regarding the same topic. http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/84c2a5fc-1e2e-4dc5-8607-607f3158f7b8 Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+| Houston, TX Blogs - http://blogs.sivarajan.com/ This posting is provided AS IS with no warranties,and confers no rights.

This scenario is called a disjointed namespace. What you would have is a forest with two trees. Each tree has one domain. There is no problem with this design if the namespace is required. Keep in mind that you should have at least 2 DCs/GCs per domain. This configuration should have at least 4 DCs in that forest. Visit anITKB.com, an IT Knowledge Base.