Best Practice Active Directory Design For Managing Windows Networks
Essay by 24 • November 10, 2010 • 9,224 Words (37 Pages) • 2,442 Views
Essay Preview: Best Practice Active Directory Design For Managing Windows Networks
Best Practice Active Directory Design for Managing Windows Networks
A structured approach to Active Directory design makes enterprise-scale directory service deployment straightforward and easy to understand. This guide combines business and technical guidance to minimize the time and effort required to implement the Active Directory directory service.
This guide provides a step-by-step methodology based on best practices learned from customers that have already deployed Active Directory in their organizations. It provides all the tasks and decisions you need to develop an Active Directory design to manage Windows networks. The intended audience for this guide is the IT professional responsible for testing, piloting, and rolling out an Active Directory design.
On This Page
Introduction
About this Guide
Active Directory Design: Key Concepts
Part I: Determining the Number of Forests in Your Organization
Determining the Number of Forests for Your Organization
Part II: Creating the Forest Design
Creating a Domain Design
Creating a DNS Design for Active Directory
Creating an Organizational Unit Design
Creating a Site Topology
Implementing Your Design
Part III: Worksheets
Number of Forests in Your Organization Worksheets
Active Directory Forest Design Worksheets
Introduction
With the Active Directory service of Windows® 2000, organizations can simplify user and resource management while creating a scalable, secure, and manageable infrastructure for deploying additional important and emerging technologies.
To help shorten planning cycles and ensure successful deployments Microsoft is publishing a series of scenario-based guides that provide prescriptive, task-based, and solution-oriented guidance.
The Best Practice Active Directory Design for Managing Windows Networks and its companion guide, Best Practice Active Directory Deployment for Managing Windows Networks, are part of this series. These guides provide a structured approach to designing and deploying Active Directory. Without this structured approach, implementing Active Directory in your organization can take longer than expected.
These guides encapsulate planning and deployment expertise from Microsoft's product team with lessons learned from customers who have already designed and deployed Active Directory in their organizations.
Active Directory Deployment Scenarios
Unlike special-purpose directories, Active Directory can play a variety of roles within an organization. These roles range from managing Windows networks to supporting directory-enabled e-commerce applications. However, the way you intend to use Active Directory will affect the way that you make important design and deployment decisions.
Active Directory for Windows Network Management
This guide focuses on providing best practice-based guidance for deploying Active Directory for the purpose of managing networks comprised of Windows clients, Windows servers and Windows-compatible applications and devices. This guide will refer to this as the network operating system (NOS) management role. Benefits of deploying Active Directory in a NOS management role include:
* Centralized management of very large Windows networks (Active Directory is designed to support millions of objects).
* The ability to eliminate resource domains, including the hardware and administration they entail.
* Policy-based desktop lockdown and software distribution.
* The ability to delegate administrative control over resources where appropriate.
* Simplified location and use of shared resources.
* For additional information about the business value of deploying Active Directory visit http://www.microsoft.com/windows2000.
* This guide only covers deploying Active Directory and DNS core services as part of managing a Windows network. Other services that are layered on Active Directory can be added later and do not affect the initial design. For example, Group Policy can simplify management by providing policy-based administration for users, groups, workstations, and servers. Some services that can be layered on Active directory are:
* Group Policy
* Exchange 2000
* Integrated public key infrastructure (PKI) services
* Domain-based DFS
Special Considerations for Branch Office Deployments
Microsoft has identified a number of special considerations for deploying Active Directory in branch office environments. The characteristics of a branch office environment include:
* A large number of physical locations that need to contain replicas of Active Directory data.
* A small number of users per location.
* A hub and spoke network topology where many branch offices rely on connectivity to a centralized hub site for communications to other parts of the organization.
* Slow network connectivity between the branch office locations and the hub site.
Because of the ramifications of these requirements, Microsoft has developed additional content focused on deploying
...
...