Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows Server ® 2008 Active Directory ® Domain Services Infrastructure Planning and Design Series Published: February 2008 Updated: July 2009.

Published byHilary Dennis Modified over 9 years ago

Similar presentations

Presentation on theme: "Windows Server ® 2008 Active Directory ® Domain Services Infrastructure Planning and Design Series Published: February 2008 Updated: July 2009."— Presentation transcript:

1 Windows Server ® 2008 Active Directory ® Domain Services Infrastructure Planning and Design Series Published: February 2008 Updated: July 2009

2 What Is IPD? Guidance that aims to clarify and streamline the planning and design process for Microsoft ® infrastructure technologies IPD: Defines decision flow Describes decisions to be made Relates decisions and options for the business Frames additional questions for business understanding IPD Guides are available at www.microsoft.com/ipdwww.microsoft.com/ipd Page 2 |

3 ACTIVE DIRECTORY DOMAIN SERVICES Getting Started Page 3 |

4 Purpose and Agenda Purpose To provide design guidance for Windows Server ® 2008 Active Directory Agenda Determine process for Active Directory design Assist designers in the decision-making process Provide design assistance based on best practices and real-world experience Page 4 |

5 Active Directory in Microsoft Infrastructure Optimization Page 5 |

6 Page 6 | Decision Flow Diagram

7 Tips for the Planning Process Considerations at each design phase Complexity Cost Fault tolerance Performance Scalability Security Page 7 |

8 Decision Flow Start Path: Determine Domain and Forest Components Page 8 |

9 How Many Forests? Option 1: Single forest Option 2: Multiple forests Multiple Forest Drivers Multiple schemas Resource forests Forest administrator distrust Legal regulations for application or data access Page 9 | Determine the Number of Forests 1234

10 Determine the Number of Domains Page 10 | How Many Domains? Option 1: Single domain Option 2: Multiple domains Multiple Domain Drivers Large number of frequently changing attributes Reduce replication traffic Control replication traffic over slow links Preserve legacy Active Directory 1234

11 Assign Domain Names Task 1: Assign the NetBIOS Name Maximum effective length of 15 characters Use a NetBIOS name that is unique across corporations Task 2: Assign DNS Name DNS name consists of host name and network name Ensure uniqueness by not duplicating existing registered Internet domain names Register all top-level domain names with Internic Name should not represent business unit or division Page 11 | 1234

12 Select the Forest Root Domain Establish Forest Root Domain Structure: Option 1: Use a planned domain Option 2: Dedicated forest root domain Additional Considerations: Determine time synch strategy Consider cost of final structure Consider complexity of final structure Page 12 | 1234

13 Decision Flow Path A: Determine Organizational Unit (OU) Structure Page 13 |

14 Design the OU Structure Choose an OU Design: Task 1: Design OU configuration for delegation of administration Task 2: Design OU configuration for group policy application Page 14 | 1

15 Decision Flow Path B: Determine Domain Controller Placement and Operations Master Role Placement Page 15 |

16 Determine Domain Controller Placement Placement of the Domain Controllers: Task 1: Hub locations Task 2: Satellite locations Page 16 | 1234

17 Determine the Number of Domain Controllers Page 17 | Number of Domain Controllers Needed and Their Type: Task 1: Determine number of domain controllers Task 2: Determine type of domain controllers placed in location 1234

18 Determine Global Catalog Placement Page 18 | Global Catalog Locations and Number Needed: Task 1: Determine global catalog locations and counts 1234

19 Determine Global Catalog Placement Considerations: Locate near applications that rely on global catalog Number of users at the location greater than 100 WAN link availability Roaming users at location Use of universal group caching How many global catalog servers? Page 19 | 1234

20 Determine Operations Master Role Placement Domain Roles Primary domain controller (PDC) emulator operations master Relative ID (RID) operations master Infrastructure operations master Forest Roles Schema operations master Domain naming operations master Page 20 | 1234

21 Determine Operations Master Role Placement Operations Master Role Placement: Task 1: FSMO placement Page 21 | 1234

22 Decision Flow Path C: Determine Site Design and Structure Page 22 |

23 Create the Site Design Creating the Site Design: Task 1: Create a site for the location Task 2: Associate location to nearest defined site Page 23 | 123

24 Create a Site Link Design Creating the Site Link Design: Task 1: Determine the site link design Page 24 | 123

25 Create the Site Link Bridge Design Creating the site link bridge design: Option 1: Default behavior Option 2: Custom site link bridge Page 25 | 123

26 Decision Flow Path D: Determine Domain Controller Configuration Page 26 |

27 Determine Domain Controller Configuration Plan Domain Controller Configuration: Task 1: Identify minimum disk space requirements for each domain controller Task 2: Identify memory requirements for each domain controller Task 3: Determine CPU requirements Task 4: Identify network requirements for each domain controller Page 27 | 1

28 Active Directory Dependencies Direct Dependencies Domain Name Service (DNS) Lightweight Directory Access Protocol (LDAP) Indirect Dependencies Windows Internet Naming Services (WINS) Page 28 |

29 What’s Next? – Discuss, Rinse, Repeat Implement your design Test and refine design along the way Provide feedback on the doc to satfdbk@microsoft.com Page 29 |

30 Summary and Conclusion Organizations should base the design of their Active Directory infrastructure on business and technical requirements Considerations should include: The scope of the network and environment Technical requirements and considerations Additional business requirements Designing an Active Directory infrastructure to meet these requirements Validating the overall approach Page 30 |

31 Find More Information Microsoft Solution Accelerators microsoft.com/technet/SolutionAccelerators satfdbk@microsoft.com Download the Full Document http://go.microsoft.com/fwlink/?LinkId=100915 Online Resources Creating a Forest Design: provides information on the details and needs for a forest designForest Design Creating a Domain Design: provides information on the details and needs for a domain designDomain Design Namespace planning for DNSNamespace planning for DNS: provides information on the best practices and techniques for DNS names Configuration of the time service within Active Directory will help with syntax and design requirement for setting up the time for the Active Directory enterprisetime service Best Practice Active Directory Design Best Practice Active Directory Design for Managing Windows Networks Windows Server 2003 Deployment GuideWindows Server 2003 Deployment Guide: provides invaluable information for deploying and configuration servers for Active Directory FSMO placement and optimization FSMO placement and optimization on Active Directory domain controllers Best Practices for Active Directory Design and Deployment Designing and Deploying Directory and Security Services Page 31 |

Download ppt "Windows Server ® 2008 Active Directory ® Domain Services Infrastructure Planning and Design Series Published: February 2008 Updated: July 2009."

Similar presentations

Internet Information Services 7.0 and Internet Information Services 7.5 Infrastructure Planning and Design Published: June 2008 Updated: November 2011.

Internet Information Services 7.0 and Internet Information Services 7.5 Infrastructure Planning and Design Published: June 2008 Updated: November 2011.
Windows® Deployment Services

Windows® Deployment Services
Windows Server ® 2008 File Services Infrastructure Planning and Design Published: June 2010 Updated: November 2011.

Windows Server ® 2008 File Services Infrastructure Planning and Design Published: June 2010 Updated: November 2011.
Windows Server ® 2008 and Windows Server ® 2008 R2 Active Directory ® Domain Services Infrastructure Planning and Design Published: February 2008 Updated:

Windows Server ® 2008 and Windows Server ® 2008 R2 Active Directory ® Domain Services Infrastructure Planning and Design Published: February 2008 Updated:
Microsoft ® System Center Configuration Manager 2007 R3 and Forefront ® Endpoint Protection Infrastructure Planning and Design Published: October 2008.

Microsoft ® System Center Configuration Manager 2007 R3 and Forefront ® Endpoint Protection Infrastructure Planning and Design Published: October 2008.
DirectAccess Infrastructure Planning and Design Published: October 2009 Updated: November 2011.

DirectAccess Infrastructure Planning and Design Published: October 2009 Updated: November 2011.
Module 14: Implementing an Active Directory Infrastructure.

Module 14: Implementing an Active Directory Infrastructure.
Microsoft ® Forefront ® Unified Access Gateway Infrastructure Planning and Design Published: December 2009 Updated: July 2010.

Microsoft ® Forefront ® Unified Access Gateway Infrastructure Planning and Design Published: December 2009 Updated: July 2010.
How to Succeed with Active Directory Robert Williams, PhD CEO Secure Logistix Corporation.

How to Succeed with Active Directory Robert Williams, PhD CEO Secure Logistix Corporation.
Windows Server ® Virtualization Infrastructure Planning and Design Published: November 2007 Updated: July 2010.

Windows Server ® Virtualization Infrastructure Planning and Design Published: November 2007 Updated: July 2010.
70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure Chapter 2: Developing the Active Directory.

70-297: MCSE Guide to Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure Chapter 2: Developing the Active Directory.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
CS603 Active Directory February 1, 2001.

CS603 Active Directory February 1, 2001.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Microsoft ® Application Virtualization 4.5 Infrastructure Planning and Design Series.

Microsoft ® Application Virtualization 4.5 Infrastructure Planning and Design Series.
Windows Server Virtualization Infrastructure Planning and Design Series.

Windows Server Virtualization Infrastructure Planning and Design Series.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
Vikram Thakur Introduction to Active Directory Structure.

Vikram Thakur Introduction to Active Directory Structure.

Similar presentations

Ads by Google