
	Home > Windows Tips > > The first rule of Active Directory design? Keep it simple

Win IT Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

The first rule of Active Directory design? Keep it simple

James Michael Stewart
07.22.2003
Rating: -3.23- (out of 5)

Digg This!

StumbleUpon

Del.icio.us

In previous tips, James has expounded on the notion that your Active Directory design can mimic the design, divisions, and hierarchy of your organization. While this is still true, you may want to consider a few related issues.

Active Directory is very flexible. So flexible that you can design an Active Directory forest that is complex beyond imagination. Both Windows 2000 Server and Windows Server 2003 support the Active Directory containers of forest, domain, site, and organizational unit (OU). With the only real restriction of one forest per namespace, you can deploy as many domains, sites, and OUs as you deem necessary.

However, before you rush off to design an Active Directory network that includes a domain for every department in your enterprise, take a step back and breath. As a general rule, you want to keep the number of domains to a minimum whenever possible. If you really need department level divisions on your network that reflect the organization of your business, then use OUs instead. OUs are much more flexible and easier overall to manage than domains.

In fac...

Digg This!

StumbleUpon

Del.icio.us

RELATED RESOURCES

	2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
	Search Bitpipe.com for the latest white papers and business webcasts
	Whatis.com, the online computer dictionary

t, if you are migrating from a Windows NT 4.0 network to a Windows 2000 Server or Windows Server 2003 Active Directory network, compare the number of domains from your existing legacy system and compare that with the number of domains in your new AD-based design. If your new AD network has more domains than your legacy network, you may need to re-think your design. Yes, it is possible to use as many domains as you wish, but I warn you now, you'll regret that decision down the line.

OUs grant you nearly infinite flexibility as you can move them, delete, and create new OUs as needed. However, domains are much more rigid in their existence. Domains can be deleted and new ones created, but this process is more disruptive of an environment than is the case with OUs, and should be avoided whenever possible.

In other words, keep your domain numbers down and the complexity of domain relationships simple. If you need lots of groupings and divisions, rely upon OUs.

James Michael Stewart is a partner and researcher for Itinfopros, a technology-focused writing and training organization.

Rate this Tip
To rate tips, you must be a member of SearchWinIT.com. Register now to start rating these tips. Log in if you are already a member.

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Windows Technology Updates, Reviews and Solutions

Laptop Discounts with free coupon codes, huge savings at Notebook Review

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 1999 - 2009, TechTarget \| Read our Privacy Policy