Home > Articles

  • Print
  • + Share This
This chapter is from the book

Choosing Your Domain Structure

There is a basic tenet to consider when designing the Active Directory domain structure. Start simple, and then expand only if expansion is necessary to address a specific need. This concept is, by and large, the most important concept to remember when you're designing Active Directory components. In regard to domain design, this means you should always start the design process with a single domain and then add on to your design if your organizational concerns dictate that you do so. Following this basic philosophy during the design process will reduce headaches down the road.

When you're designing the Active Directory, you must contemplate a common framework for diagrams. In Active Directory, for example, domains are often pictorially represented by triangles, as shown in Figure 5.2. So, when beginning your design, start with a single triangle.

Figure 5.2Figure 5.2 Domain diagram representation as a triangle.

In this example, the fictional company named CompanyABC has begun the process of domain design. Depending on its unique needs, CompanyABC may decide to expand upon that model or keep it simplistic. These decisions should be made with a detailed knowledge of the different domain design models and the environments in which they work best.

Active Directory was designed to be a flexible, forgiving directory services implementation. This is even more true with Windows .NET's Active Directory implementation. Consequently, there are multiple design models available to choose from, depending on the individual needs of organizations. The major design models are as follows:

  • Single domain model

  • Multiple subdomain model

  • Multiple trees in a single forest model

  • Federated forests design model

  • Peer-root model

  • Placeholder domain model

  • Special-purpose domains

In reality, not all AD structures fall underneath these categories because the possibilities exist for numerous variations and mutations of AD structure. However, most domain structures either fall into these categories or are a hybrid model, possessing traits of two different models. Out of all these models, however, the single domain model is the most common design model and also happens to be the easiest to deploy.

  • + Share This
  • 🔖 Save To Your Account