1
00:00:01,140 --> 00:00:03,700
This is perhaps a little bit overengineered.

2
00:00:03,700 --> 00:00:07,220
You can see on the left side of the screen on your Windows 10 or

3
00:00:07,220 --> 00:00:11,170
Windows 11 box you've got Hyper‑V, and you have copies of the

4
00:00:11,170 --> 00:00:16,440
Windows Server 2022 evaluation. I would suggest that you set up a,

5
00:00:16,440 --> 00:00:18,110
doesn't have to be four domain,

6
00:00:18,110 --> 00:00:21,490
but I would say three domain anyway, a multi‑forest,

7
00:00:21,490 --> 00:00:23,150
multi‑domain environment.

8
00:00:23,150 --> 00:00:26,500
So, in this case, in your original forest1,

9
00:00:26,500 --> 00:00:30,250
you've got a forest root and a child domain. I would suggest you

10
00:00:30,250 --> 00:00:35,150
have two domain controller VMs in the root one and the child. And

11
00:00:35,150 --> 00:00:38,880
then for forest2, you really just need the forest root. If you want

12
00:00:38,880 --> 00:00:40,630
to throw the child in there, that's fine.

13
00:00:40,630 --> 00:00:44,950
And I wouldn't even say that you need two domain controllers in the forest root.

14
00:00:44,950 --> 00:00:48,530
I just would say that for one of those root domains you want to have two

15
00:00:48,530 --> 00:00:53,220
domain controllers because part of the objectives involve your understanding

16
00:00:53,220 --> 00:00:57,530
how Active Directory replication works between domain controllers in the

17
00:00:57,530 --> 00:01:02,400
same site and domain and across domain controllers, across subnets, across

18
00:01:02,400 --> 00:01:06,700
Active Directory sites, all right? And then assuming you've got a free trial

19
00:01:06,700 --> 00:01:11,080
going with Azure, you can build out a relatively simple virtual network.

20
00:01:11,080 --> 00:01:13,830
Now, again, this is perhaps a bit overengineered.

21
00:01:13,830 --> 00:01:15,200
Do you need a client subnet?

22
00:01:15,200 --> 00:01:16,300
Not necessarily,

23
00:01:16,300 --> 00:01:19,810
but by creating a domain subnet with one or two Windows

24
00:01:19,810 --> 00:01:23,170
Server domain controllers there, this can give you practice

25
00:01:23,170 --> 00:01:25,360
in extending your domain environment.

26
00:01:25,360 --> 00:01:26,910
Now, how would you do the extension?

27
00:01:26,910 --> 00:01:29,360
You see the middle part of this diagram? You've got a

28
00:01:29,360 --> 00:01:31,610
site‑to‑site virtual private network.

29
00:01:31,610 --> 00:01:39,000
Now there are a number of ways you can stand up a site‑to‑site VPN. I've given you some guidance on this in the course files.