No announcement yet.

Child Domain vs Trust Relationship

  • Filter
  • Time
  • Show
Clear All
new posts

  • Child Domain vs Trust Relationship

    So here is the scenario-

    We are in the process of centralizing IT to a data center in a single location. I currently have 12 different operating companies that need a shared security and exchange functionality. As it stands they are all separate individual domains of varying levels. There is a company wide accounting system that needs to be integrated with AD currently running in a completely separate domain as well that I would like to see people using their own AD log on info to use.

    Here is my question-

    Knowing that all the Active directory domains need to be touched regardless to get them all up to a uniform functional level and that there is significant work to be done no matter what, which configuration would be best? I know there are several points to each one, but I want to make sure I am covering my bases now before choosing a path. Do I go for a single forest\parent domain? Or separate domains using trusts between the corporate domain and the operating companies like a spoke and hub config? What are the pros and cons of each?


  • #2
    Re: Child Domain vs Trust Relationship

    I'd be inclined to recommend the same as the answers you've gotten over at serverfault. A single domain model with OU's for organizational management and the application of GPO's along with delegation of control where needed is probably the best design for your scenario.