Download presentation
Presentation is loading. Please wait.
1
7.1 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Goals Design forests Design trees Design domains
2
7.2 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Forest design The number of forests in the design is critical decision that impacts many components Number of schemas: Each forest contains its own unique schema Number of global catalogs: Each forest contains a unique global catalog Core administrative model: Separate forests should have separate administrators Trust configuration: Trusts between forests must be manually created Designing Forests (Skill 1)
3
7.3 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Designing a multiple forest structure When to use multiple forests You need to use multiple incompatible Active Directory integrated applications You require two or more completely separate global catalogs You need complete administrative separation You require complete control over trusts If your design does not involve one of the above situations, use a single forest Designing Forests (2) (Skill 1)
4
7.4 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Figure 7-1 The effects of forest design (Skill 1)
5
7.5 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Tree design Determines the layout of the domains in the forest and the naming scheme Should use a single tree in most cases Reasons to use more than one tree To support multiple top-level names To migrate from an older Windows NT domain structure and retain as much of the general domain organization as possible Designing Trees (Skill 2)
6
7.6 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Figure 7-3 The Windows NT domain structure converted to an Active Directory tree based on department (Skill 2)
7
7.7 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Figure 7-4 The Windows NT domain structure converted to an Active Directory tree based on region (Skill 2)
8
7.8 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Figure 7-5 A tree design based on company divisions (Skill 2)
9
7.9 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Figure 7-6 A tree design based on regions (Skill 2)
10
7.10 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Domain design Design the simplest structure possible, adding domains only if there is a valid reason to do so Use organizational units (OUs) instead if possible Reasons for multiple domains Need for administrative separation Need for additional boundaries of security Need for different account policies Need for more precise control over replication Designing Domains (Skill 3)
11
7.11 © 2004 Pearson Education, Inc. Exam 70-297 Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 7: Planning the Domain Model Figure 7-7 Reasons for using multiple domains (Skill 3)
Similar presentations
