Subdomains

21/03/2006, 15h14

I am just beginning to create a network for my new company, and I would like
to get some opinions on subdomains. I am going to have anywhere from 40-100
remote facilities that will all be VPN into our corp HQ, and I am not sure
if I should break down geographic areas into subdomains or just add
additional domain controllers to the parent domain and place them in
seperate geographic areas. I am over my head at this point, and would like
to know what the real benefit is to the subdomain or if it really even makes
sense in my situation.

Thanks,

Randy Whitehead

21/03/2006, 16h00

"plumbsquareltd" <plumbsquareltd@bellsouth.net> wrote in message
news:ZPTTf.946$sU4.38@bignews4.bellsouth.net...
>I am just beginning to create a network for my new company, and I would
>like to get some opinions on subdomains. I am going to have anywhere from
>40-100 remote facilities that will all be VPN into our corp HQ, and I am
>not sure if I should break down geographic areas into subdomains or just
>add additional domain controllers to the parent domain and place them in
>seperate geographic areas.

It's impossible to say from such limited information --
and probably without a further discussion of the trade-offs
but here is a guide:

Assume ONE domain until you find positive reasons for
splitting it. Then weigh the advantages/need against the
costs and extra work.

> I am over my head at this point, and would like to know what the real
> benefit is to the subdomain or if it really even makes sense in my
> situation.

Sites are designed to solve your main problem - to
control replication to remote locations.

Domains give other advantages that you don't indicate
are needed but in RARE cases domains are able to
assist in the control of replication but if your WANS
have reasonably available bandwidth and/or you have
a fairly small populatation (users/computers) Sites
will normally cover you.

Reasons for creating Domains include:

1) Complete Delegation of control (to other admins) or
to mirror NT structurs -- but USUALLY OUs will
cover these needs.

2) Massive number of objects vs. poor WAN Lines
(many books treat these separate but as the number
of users go UP and the WAN line speeds go DOWN
things get worse.) With high speed lines millions
of users are possible so don't think these are trivially
small limits.

3) Different security ACCOUNT policies -- Password,
Lockout, Kerberos -- these three are set at the DOMAIN
level (not OU or Site) only.

4) Miscellaneous -- anything that requires a different Forest
or different tree cause a separate domain by definition.

Sites allow Active Directory (administrators) to control replication
in ways that will answers most needs.

> I am over my head at this point, and would like

You may need the (temporary) services of a competent consultant.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

21/03/2006, 15h14	#1
plumbsquareltd Messages: n/a Hébergeur:	Subdomains I am just beginning to create a network for my new company, and I would like to get some opinions on subdomains. I am going to have anywhere from 40-100 remote facilities that will all be VPN into our corp HQ, and I am not sure if I should break down geographic areas into subdomains or just add additional domain controllers to the parent domain and place them in seperate geographic areas. I am over my head at this point, and would like to know what the real benefit is to the subdomain or if it really even makes sense in my situation. Thanks, Randy Whitehead

21/03/2006, 16h00	#2
Herb Martin Messages: n/a Hébergeur:	Re: Subdomains "plumbsquareltd" <plumbsquareltd@bellsouth.net> wrote in message news:ZPTTf.946$sU4.38@bignews4.bellsouth.net... >I am just beginning to create a network for my new company, and I would >like to get some opinions on subdomains. I am going to have anywhere from >40-100 remote facilities that will all be VPN into our corp HQ, and I am >not sure if I should break down geographic areas into subdomains or just >add additional domain controllers to the parent domain and place them in >seperate geographic areas. It's impossible to say from such limited information -- and probably without a further discussion of the trade-offs but here is a guide: Assume ONE domain until you find positive reasons for splitting it. Then weigh the advantages/need against the costs and extra work. > I am over my head at this point, and would like to know what the real > benefit is to the subdomain or if it really even makes sense in my > situation. Sites are designed to solve your main problem - to control replication to remote locations. Domains give other advantages that you don't indicate are needed but in RARE cases domains are able to assist in the control of replication but if your WANS have reasonably available bandwidth and/or you have a fairly small populatation (users/computers) Sites will normally cover you. Reasons for creating Domains include: 1) Complete Delegation of control (to other admins) or to mirror NT structurs -- but USUALLY OUs will cover these needs. 2) Massive number of objects vs. poor WAN Lines (many books treat these separate but as the number of users go UP and the WAN line speeds go DOWN things get worse.) With high speed lines millions of users are possible so don't think these are trivially small limits. 3) Different security ACCOUNT policies -- Password, Lockout, Kerberos -- these three are set at the DOMAIN level (not OU or Site) only. 4) Miscellaneous -- anything that requires a different Forest or different tree cause a separate domain by definition. Sites allow Active Directory (administrators) to control replication in ways that will answers most needs. > I am over my head at this point, and would like You may need the (temporary) services of a competent consultant. -- Herb Martin, MCSE, MVP Accelerated MCSE http://www.LearnQuick.Com [phone number on web site]

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email