Forests, Domains, and Organizational Units
Forest Design
Single Forest Benefits:
Simplified administration and trust relationships
Automatic trust between all domains
Shared Global Catalog and schema
Unified security boundaries
Multiple Forest Scenarios:
Security Requirements: Different security policies or admin teams
Political Boundaries: Separate business units or acquisitions
Geographic Isolation: Different regulatory requirements
Technical Constraints: Incompatible schema requirements
Domain Design Considerations
Single Domain Model:
Pros: Simplified administration, no trust relationships, easier management
Cons: Single point of failure, potential performance issues, limited delegation
Multiple Domain Model:
Pros: Distributed administration, improved performance, political boundaries
Cons: Complex trust relationships, increased overhead, replication complexity
Domain Design Factors:
Administrative Autonomy: Need for separate admin teams
Security Isolation: Different security requirements
Replication Control: Network bandwidth limitations
Political Requirements: Organizational boundaries
Organizational Units
OU Design Models:
Geographic Model:
Company.com
βββ North-America
β βββ USA
β β βββ New-York
β β βββ California
β βββ Canada
β βββ Toronto
βββ Europe
βββ UK
βββ GermanyFunctional Model:
Company.com
βββ Sales
βββ Marketing
βββ IT
βββ HR
βββ FinanceAdministrative Model:
Company.com
βββ Users
β βββ Executives
β βββ Managers
β βββ Employees
βββ Computers
β βββ Workstations
β βββ Servers
β βββ Laptops
βββ Resources
βββ Printers
βββ Shared-FoldersHybrid Model:
Company.com
βββ Corporate
β βββ Users
β βββ Computers
β βββ Groups
βββ Divisions
βββ Sales
β βββ Users
β βββ Computers
βββ IT
βββ Users
βββ ComputersLast updated
Was this helpful?