Announcement

Collapse
No announcement yet.

AD structure

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD structure

    One domain. Multiple sites. DCs are in Domain Controllers container.
    Each site has 2-3 servers beside DC.
    OU structure:

    Main site is in OU=Internal. No questions here...

    12 sites (each in own OU) are in OU=External

    The question:

    is there any performance (best practice) advantage of keeping member servers in one OU ex. Servers, under External or placing servers of each site to OU Servers created under each site OU. Currently each site has sub OU=Computers and OU=Users.

    GPO application is clear in both cases.

    Thanks
    "When you hit a wrong note it's the next note that makes it good or bad". Miles Davis

  • #2
    Re: AD structure

    No particular difference and since you can apply separate GPOs (and separate delegated management) it makes sense to put them in separate ones.

    Note you might want to have a top level "Servers" OU for common GPO settings, then "Internal" and "External" under that, inheriting settings from "Servers" and adding their own GPOs
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: AD structure

      Concur with Tom.

      Thats the good thing about AD. you can do with it what you want.

      We currently have a Servers OU and beneath that we have an our for each site. We then place our servers in the relevant OU.

      Comment


      • #4
        Re: AD structure

        Thanks for sharing...
        "When you hit a wrong note it's the next note that makes it good or bad". Miles Davis

        Comment

        Working...
        X