No announcement yet.

Implementing my first AD, in real enviroment

  • Filter
  • Time
  • Show
Clear All
new posts

  • Implementing my first AD, in real enviroment

    I'm 30 and still a virgin domain administrator. There, I've said it. Mock me if you will, but I'm going to try and roll out my first domain to our company workgroup. I've tested and created at multiple times, but this will be my first "real" deployment.

    I come to the masses to ask, what should I be careful of, or what should I watch for? Any speedbumps that you might have hit in the past? I've been reading everything that I could on AD for the past year. I've tested and pushed buttons to see what happens. Now I go live.

    Here's current setup:

    Main Office
    30 users connected via workgroup to single server running 2k3.
    Satellite Offices (4)
    5 users per satellite connecting via terminal services to server.

    My Plan:
    Deploy AD to new server at main office. Add PC and users to AD, with new profile. Import outlook settings to bring old emails and contacts to new profile. Leave group policies and OUs until a later date.

    Does this seem viable?

  • #2
    Re: Implementing my first AD, in real enviroment

    Ha, that made me laugh

    I would start with a good password policy. You can set it in the default domain policy. Make sure you have a naming convention and don't deviate from it.
    Get a document written explaining what users are /aren't allowed to do from the outset.
    Try and make sure they are no allowed local admin rights.
    Keep copies of all CDs, documents and licenses in a safe place for DR and compliance purposes

    Not sure what you are importing "from" but if it is PST files then make sure you have AV already installed on the machine/machines you do it from.
    Get all client machines up to date with Windows patches and look at using WSUS (it's free)

    Please read this before you post:

    Quis custodiet ipsos custodes?