1. Home
  2. Server Administration
  3. Active Directory

8.6 Other Design Considerations

In many cases you may need to revise your namespace designs a number of times. Certainly GPOs will make a difference as to how you structure your users and computer objects, so we do not assume that one pass through a design process will be enough.

Once you have a basic design, there is nothing stopping you from putting that design to one side and working on identifying a perfect design for your Active Directory network, one that you would like to implement in your organization, ignoring all Active Directory-imposed design constraints. You then can work out how difficult it will be to move to that perfect design from the practical one that you worked out using the preceding steps. You can look at the feasibility of the move from one to the other and then rationalize and adjust your final design to take into account the factors you have listed. You can then use this as an iteration tool so that your final design is much closer to the perfection you are aiming for.

Apart from GPOs, which we cover in Chapter 7 and Chapter 10, there are other aspects of Active Directory design that we have not and will not be covering. For example, you are quite likely to want printers advertised in Active Directory so that they can be accessed easily using a simple search of Active Directory (which the Add Printer wizard now uses as the default option). You may want shares advertised in Active Directory, so that users can easily locate data partitions on a site nearest to them. The Distributed Filing System (DFS) that allows you to organize disjointed and distributed shares into a single contiguous hierarchy is a fine example of this in action. When you reference a share held by the DFS, the DFS uses Active Directory to automatically redirect your request to the closest share replica. There is also the matter of designing your own objects and attributes that you want to include. However, there are two points that you should consider:

  • As a general rule, Active Directory should hold only static or relatively static data. At the very least, the lifetime of the data has to be greater than the time to replicate to all DCs throughout the organization. When considering which objects to add, don't consider adding objects with very short life spans.

  • Any object that you include will have attributes that are held in the GC. For every type of object that you seek to store in Active Directory, check the schema class entry for that object to find out what attributes will be stored in the GC. Consider whether you need to add or remove items from that list by referring back to the design principles.



    		Preface
    		Part I: Active Directory Basics
    		Part II: Designing an Active Directory Infrastructure
    		Chapter 8. Designing the Namespace
    		8.1 The Complexities of a Design
    		8.2 Where to Start
    		8.3 Overview of the Design Process
    		8.4 Domain Namespace Design
    		8.5 Design of the Internal Domain Structure
    		8.6 Other Design Considerations
    		8.7 Design Examples
    		8.8 Designing for the Real World
    		8.9 Summary
    		Chapter 9. Creating a Site Topology
    		Chapter 10. Designing Organization-Wide Group Policies
    		Chapter 11. Active Directory Security: Permissions and Auditing
    		Chapter 12. Designing and Implementing Schema Extensions
    		Chapter 13. Backup, Recovery, and Maintenance
    		Chapter 14. Upgrading to Windows Server 2003
    		Chapter 15. Migrating from Windows NT
    		Chapter 16. Integrating Microsoft Exchange
    		Chapter 17. Interoperability, Integration, and Future Direction
    		Part III: Scripting Active Directory with ADSI, ADO, and WMI