Configure DC2 as bridgehead server
On DC2, seize the Schema master role
Logg off and log on again to AD by using an account that is a member of the Schema Administrators group. Start the AD SChema snap-in
Register the Schmmgmt.dll Start the AD Schema snap-in
Run auditpol.exe and the configure the Security setting of the Domain Controllers OU
From the Default Domain Controllers policy, enable the Audit directory service access setting and enable directory service changes
Enable the Audit account management policy in the default Domain Controller policy
Run auditpol.exe and the enable the Audit directory service access setting in the Default Domain policy
Use thedsmod OU command to create the organizational unit
Use the Active Direcotry User and Computers snap-in to create the organizations units on the AD LDS applications directory paritition.
Use thedadd OU command to create the organizational unit
Use the ADSI Edit snap-in to create the organizational units on the AD LDS application directory partition.
From the properties of the zone, modify the TTL of the SOA record.
From the properties of the zone, enable scavenging.
From the command prompt, run ipconfig /flushdns
From the properties of the zone, disable dynamic updates
Crete a new stub zone named ad.contoso.com on DC2
Create a new standard secondary zone named ad.contoso.com on DC2
Configure the DNS server on DC2 to forward requests to DC1
Convert the ad.contoso.com zone on DC1 to an Active Directory-integrated zone.