- Term Papers and Free Essays

Best Practice Active Directory Design For Managing Windows Networks

Essay by   •  November 10, 2010  •  9,224 Words (37 Pages)  •  2,207 Views

Essay Preview: Best Practice Active Directory Design For Managing Windows Networks

Report this essay
Page 1 of 37

Best Practice Active Directory Design for Managing Windows Networks

A structured approach to Active Directory design makes enterprise-scale directory service deployment straightforward and easy to understand. This guide combines business and technical guidance to minimize the time and effort required to implement the Active Directory directory service.

This guide provides a step-by-step methodology based on best practices learned from customers that have already deployed Active Directory in their organizations. It provides all the tasks and decisions you need to develop an Active Directory design to manage Windows networks. The intended audience for this guide is the IT professional responsible for testing, piloting, and rolling out an Active Directory design.

On This Page


About this Guide

Active Directory Design: Key Concepts

Part I: Determining the Number of Forests in Your Organization

Determining the Number of Forests for Your Organization

Part II: Creating the Forest Design

Creating a Domain Design

Creating a DNS Design for Active Directory

Creating an Organizational Unit Design

Creating a Site Topology

Implementing Your Design

Part III: Worksheets

Number of Forests in Your Organization Worksheets

Active Directory Forest Design Worksheets


With the Active Directory service of Windows® 2000, organizations can simplify user and resource management while creating a scalable, secure, and manageable infrastructure for deploying additional important and emerging technologies.

To help shorten planning cycles and ensure successful deployments Microsoft is publishing a series of scenario-based guides that provide prescriptive, task-based, and solution-oriented guidance.

The Best Practice Active Directory Design for Managing Windows Networks and its companion guide, Best Practice Active Directory Deployment for Managing Windows Networks, are part of this series. These guides provide a structured approach to designing and deploying Active Directory. Without this structured approach, implementing Active Directory in your organization can take longer than expected.

These guides encapsulate planning and deployment expertise from Microsoft's product team with lessons learned from customers who have already designed and deployed Active Directory in their organizations.

Active Directory Deployment Scenarios

Unlike special-purpose directories, Active Directory can play a variety of roles within an organization. These roles range from managing Windows networks to supporting directory-enabled e-commerce applications. However, the way you intend to use Active Directory will affect the way that you make important design and deployment decisions.

Active Directory for Windows Network Management

This guide focuses on providing best practice-based guidance for deploying Active Directory for the purpose of managing networks comprised of Windows clients, Windows servers and Windows-compatible applications and devices. This guide will refer to this as the network operating system (NOS) management role. Benefits of deploying Active Directory in a NOS management role include:

* Centralized management of very large Windows networks (Active Directory is designed to support millions of objects).

* The ability to eliminate resource domains, including the hardware and administration they entail.

* Policy-based desktop lockdown and software distribution.

* The ability to delegate administrative control over resources where appropriate.

* Simplified location and use of shared resources.

* For additional information about the business value of deploying Active Directory visit

* This guide only covers deploying Active Directory and DNS core services as part of managing a Windows network. Other services that are layered on Active Directory can be added later and do not affect the initial design. For example, Group Policy can simplify management by providing policy-based administration for users, groups, workstations, and servers. Some services that can be layered on Active directory are:

* Group Policy

* Exchange 2000

* Integrated public key infrastructure (PKI) services

* Domain-based DFS

Special Considerations for Branch Office Deployments

Microsoft has identified a number of special considerations for deploying Active Directory in branch office environments. The characteristics of a branch office environment include:

* A large number of physical locations that need to contain replicas of Active Directory data.

* A small number of users per location.

* A hub and spoke network topology where many branch offices rely on connectivity to a centralized hub site for communications to other parts of the organization.

* Slow network connectivity between the branch office locations and the hub site.

Because of the ramifications of these requirements, Microsoft has developed additional content focused on deploying



Download as:   txt (62.9 Kb)   pdf (607.3 Kb)   docx (39.1 Kb)  
Continue for 36 more pages »
Only available on
Citation Generator

(2010, 11). Best Practice Active Directory Design For Managing Windows Networks. Retrieved 11, 2010, from

"Best Practice Active Directory Design For Managing Windows Networks" 11 2010. 2010. 11 2010 <>.

"Best Practice Active Directory Design For Managing Windows Networks.", 11 2010. Web. 11 2010. <>.

"Best Practice Active Directory Design For Managing Windows Networks." 11, 2010. Accessed 11, 2010.