Announcement

Collapse
No announcement yet.

AD Design

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD Design

    Hi Guys ,

    I have Windows 2003 Domain ,we have 3 different location spread across different Geoggraphic locations .

    Domain A & Domain B in two different forest

    Right now we have Trust relationship between the forests. Our management wants one single forest .

    I would like know , which kinda design is ideal

    1. to have single forest having FSMO's spread across all the DC's

    2. to a Parent & child Domain's

    Any help is highly appreciated

    Thanks
    Raghu

  • #2
    Re: AD Design

    Technically the best config' that I would recommend is having one Forest and one domain, Unfortunately Technical reasons are not always what counts, what counts is company needs and Politics in the company.
    it all depends what you need to preserve as far as Names of the domains/forests and if there is internal politics of who is in charge of what domain and if it would be consolidated , who would in charge of what...etc.
    if you could shed some more light it would be good.

    Comment


    • #3
      Re: AD Design

      Thanks for your quick reply

      even i thought the same , but one of our senior member is insisting to have parent & sub domains .

      We have Exchange 2003 on both the forest , we'll be migrating exchange 2003 to exchange 2007.

      To eloboarate on this , we have forest A in US with subdomain in UK , the second forest B is in India , the plan is to merge Forest B to Forest A .

      So i thought of having a root DC in US & Addtional DC's in India & UK assuming we have good connectivity between the sites and also have one exchange server in each site .

      But if we have parent & child sub domain , we have to host Exchange 2007 on Parent Domain , wherein we(Child Domain) wont have enough power to controll the mail server.

      If this is the case , what will you suggest

      Comment


      • #4
        Re: AD Design

        IMHO the technical "best solution" is meaningless. The "best" way to design an AD is to do it in accordance with the business needs of the organisation. Present the Business with the options of how the thing can be done, and let them choose how they want it done. After that it's up to technical people to use industry best practice to implement what the business have asked for.


        Tom
        For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

        Anything you say will be misquoted and used against you

        Comment


        • #5
          Re: AD Design

          With regard to your second post, you cannot "merge" forests. Once they are separate forests they will always be. All you can do is migrate users from the forest you're happy to lose into the other forest; whether that be another domain or the root domain is up to the business. There are many migration tools available; one I have heard good things about is Quest, and one that the forum people here recommend is Swing Migration.


          Tom
          For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

          Anything you say will be misquoted and used against you

          Comment

          Working...
          X