8.9 Summary

In this chapter, we presented a series of seven steps toward effective namespace design:

  1. Decide on the number of domains.

  2. Design and name the tree structure.

  3. Design the workstation and server naming scheme.

  4. Design the hierarchy of Organizational Units.

  5. Design the users and groups.

  6. Design the Global Catalog.

  7. Design the application partition structure.

Following these seven steps allows you to solve the two main objectives of this chapter:

  • Come up with an Active Directory namespace design to represent the structure of your business.

  • Minimize the number of domains by making much more use of the more flexible Organizational Units.

While we've shown you how to start to design your Active Directory, there is still a long way to go. Designing the namespace of domains, trees, and forests and the internal Organizational Unit hierarchy according to the guidelines given here means that you should have a structural template that represents your business model within the preceding restrictions. Hopefully this design makes sense in terms of your organization and will be simpler to manage.

The rest of the design still needs to be completed. You need to look at the low-level network links between sites and how they will affect your replication decisions. You then need to tackle the subject of how to revise the initial namespace design based on Group Policy Objects, security delegation and auditing, schema changes, and so on. Next we'll move on to designing the physical site topology that the DCs use when communicating with one another.

    Part II: Designing an Active Directory Infrastructure
    Part III: Scripting Active Directory with ADSI, ADO, and WMI