This guide provides a step-by-step methodology based on best practices learned from customers that have already deployed Active Directory in their organizations. It provides all the tasks and decisions you need to develop an Active Directory design to manage Windows networks. The intended audience for this guide is the IT professional responsible for testing, piloting, and rolling out an Active Directory design.
On This Page
About this Guide
Active Directory Design: Key Concepts
Part I: Determining the Number of Forests in Your Organization Determining the Number of Forests for Your Organization
Part II: Creating the Forest Design
Creating a Domain Design
Creating a DNS Design for Active Directory
Creating an Organizational Unit Design
Creating a Site Topology
Implementing Your Design
Part III: Worksheets
Number of Forests in Your Organization Worksheets
Active Directory Forest Design Worksheets
With the Active Directory service of Windows® 2000, organizations can simplify user and resource management while creating a scalable, secure, and manageable infrastructure for deploying additional important and emerging technologies.
To help shorten planning cycles and ensure successful deployments Microsoft is publishing a series of scenario-based guides that provide prescriptive, task-based, and solution-oriented guidance.
The Best Practice Active Directory Design for Managing Windows Networks and its companion guide, Best Practice Active Directory Deployment for Managing Windows Networks, are part of this series. These guides provide a structured approach to designing and deploying Active Directory. Without this structured approach, implementing Active Directory in your organization can take longer than expected.
These guides encapsulate planning and deployment expertise from Microsoft's product team with lessons learned from customers who have already designed and deployed Active Directory in their organizations.
Active Directory Deployment Scenarios
Unlike special-purpose directories, Active Directory can play a variety of roles within an organization. These roles range from managing Windows networks to supporting directory-enabled e-commerce applications. However, the way you intend to use Active Directory will affect the way that you make important design and deployment decisions.
Active Directory for Windows Network Management
This guide focuses on providing best practicebased guidance for deploying Active Directory for the purpose of managing networks comprised of Windows clients, Windows servers and Windows-compatible applications and devices. This guide will refer to this as the network operating system (NOS) management role. Benefits of deploying Active Directory in a NOS management role include:
Centralized management of very large Windows networks (Active Directory is designed to support millions of objects).
The ability to eliminate resource domains, including the hardware and administration they entail.
Policy-based desktop lockdown and software distribution.
The ability to delegate administrative control over resources where appropriate.
Simplified location and use of shared resources.
For additional information about the business value of deploying Active Directory visit http://www.microsoft.com/windows2000.
This guide only covers deploying Active Directory and DNS core services as part of managing a Windows network. Other services that are layered on Active Directory can be added later and do not affect the initial design. For...