Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword
Like this
3Activity
0 of .
Results for:
No results containing your search query
P. 1
Organisation-Wide AD Plan (Book 1 of 5)

Organisation-Wide AD Plan (Book 1 of 5)

Ratings:

4.6

(1)
|Views: 212|Likes:
Published by Mustan
This is the first book (of 5) that describes the methodology for creation of the design for organisation-wide aspects of an AD infrastructure.
This is the first book (of 5) that describes the methodology for creation of the design for organisation-wide aspects of an AD infrastructure.

More info:

Published by: Mustan on Jul 29, 2007
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF or read online from Scribd
See more
See less

05/08/2014

pdf

 
 © 2004 Mustan Bharmal. All Rights Reserved.
Table of Contents
O
A
D
P
I
A
D
P
O
A
D
P
S
A
D
P
P
O
A
D
P
P
D
C
O
A
D
P
N
F
R
O
I
A
C
P
C
D
D
N
F
R
C
B
C
E
F
O
I
A
C
P
C
D
D
B
C
E
F
C
F
F
I
O
S
I
A
C
P
C
D
D
F
F
I
C
A
P
O
I
A
C
P
C
D
D
A
C
O
M
O
S
I
A
C
P
C
D
D
O
M
C
 
 © 2004 Mustan Bharmal. All Rights Reserved.
1.Introduction to Organisation-Wide Active Directory Plan
Every organisation that wishes to design and deploy a Windows Server 2003 Active Directoryinfrastructure is required to create an “Organisation-Wide Active Directory Plan”.For definitions of the terms “Organisation” and “Windows Server 2003 Active DirectoryInfrastructure”, which may be confusing and open to misinterpretation, see the “BackgroundInformation” section of this introduction to the Organisation-Wide Active Directory Plan.
1.1.
Background Information
The term “Organisation” refers to either an entire organisation or the largest singular structurewithin an organisation that wishes to design and deploy a Windows Server 2003 ActiveDirectory infrastructure. Within some organisations, there may hence be several ActiveDirectory infrastructures, designed and deployed by multiple divisional structures of anorganisation.The term “Active Directory infrastructure” is a collective term that refers to all of the foreststhat the “organisation” is to design and deploy.
1.2.
Organisation-Wide Active Directory Plan Objectives
Hence, based upon these definitions of “organisation” and “Active Directory infrastructure”,the objective of this organisation-wide plan is to assist an organisation in the design of thetop-level components of an Active Directory infrastructure. These top-level componentsrequire design for application to all of the individual sub-components of an Active Directoryinfrastructure (such as the forest, site, and domain infrastructures).The following illustration depicts the relationship between the Organisation-Wide AD Plan andthe other plans (forest, site, domain, and migration) within this design methodology:
ORGANISATION-WIDEAD PLANSITE PLANFOREST PLANDOMAIN PLANMIGRATION PLAN
© 2004 M
USTANSHIR
B
HARMAL
Figure 2.1: Illustration of the Relationships between the Design Methodology Plans
Each of the other plans for implementation of an Active Directory infrastructure build upon theresults of the processes of each other as depicted above. In the above illustration, it ispossible to see how this Organisation-Wide Active Directory plan provides the foundation for all of the other plans for implementation of an Active Directory infrastructure.
1.3.
Organisation-Wide Active Directory Plan Scope
The scope of this plan is to assist an organisation in defining and designing the followingcomponents of an Active Directory infrastructure for the organisation:
The definition of the scope and scale of the Active Directory infrastructure for anorganisation via the determination of the number of forests required, and the boundariesand content of each required forest
The design of one or more intranet or extranet federated forest infrastructures for anorganisationPage 2 of 467 Last printed 28/5/2004 11:50 a5/p5
 
 © 2004 Mustan Bharmal. All Rights Reserved.
The design of one or more DNS infrastructures to support the Windows Server 2003 ActiveDirectory infrastructure for an organisation
The design of a set of consistent, organisation-wide, object-naming models for ActiveDirectory components and objects within the entire Active Directory infrastructure for anorganisationNote that there was an intention to include the process to create a design for the security of the Active Directory and DNS infrastructures within an organisation. However, there iscurrently a plethora of excellent whitepapers and methodologies on securing Active Directoryand DNS infrastructures, and hence these processes are out of scope of this designmethodology. However, the specific absence of these processes from this designmethodology for a Windows Server 2003 Active Directory infrastructure does not preclude therequirement for their execution. Thus, strongly recommend that all organisations investigateall of the factors and their considerations that will influence the design for a secure ActiveDirectory and DNS infrastructure, and produce such a design as appropriate.
1.4.
Organisation-Wide Active Directory Plan Processes
Based upon the objectives and scope of this plan defined above, the creation of anorganisation-wide Active Directory plan involves the creation of the following five components:1.Determination of the requirement for the design and deployment of a multiple forestinfrastructure for the organisation2.Where the requirement to design and deploy a multiple forest infrastructure is identified,then there will be the requirement to:a.Determine the number of forests that are required for an organisation, at the time of design of this Active Directory infrastructureb.Determine the boundaries and content of each forest that is identified for design andcreation within this organisation3.Design of federated forest infrastructures for an organisation4.Design of one or more DNS infrastructures for an organisation5.Design of a set of consistent, organisation-wide, object-naming models for all ActiveDirectory components and objects that have to be named at the time of creation within theentire Active Directory infrastructure for an organisation
1.5.
Deliverables of Organisation-Wide Active Directory Plan Processes
The Organisation-Wide Active Directory plan will have the following deliverables:
The determination of the scope for the Active Directory infrastructure of this organisationbased upon the number of forests required and the boundary and content of each forestthat is required
The design of federated forest infrastructures for an organisation
The design of one or more DNS infrastructures for an organisation
The design of an organisation-wide object naming convention strategy for the ActiveDirectory infrastructure of an organisation
1.6.
Inter-Process Dependencies
Each process within the organisation-wide Active Directory plan will have the following inter-process dependencies:Page 3 of 467 Last printed 28/5/2004 11:50 a5/p5

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->