Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Domain naming conventions/best practices.  Will be deploying Exchange.

Posted on 2004-10-30
4
Medium Priority
?
456 Views
Last Modified: 2010-04-19
I work for a company that is technically "one" company located in two different cities.  Both offices are so independant of each other.  They actually act like two separate companies.  They have separate IT infratructure, separate payroll and account and separate revenue.  Which may be changing.

I have created a domain for one city last year and was told at that time, that the two cities would never need to have a common netowrk infrastructure.  (I did state my case on why they should be and was informed that if the other city chose to create an AD they would be in their own separate forest and domain and manageit their own way).   So with that being said, I created my domain name based on corp.city1.comapany.ca with the knowledge that the two offices will never need any sort of common IT infrastructure.  I figured it was a nice designation of the single network.

Now that management in the other city has changed, the company is evolving and resources from both offices needing access to IT resources in both cities, the talk of deploying exchange corporate wide is now on the table.  The other city will be creating a domain in order to deploy exchange and I've been tasked to lead this whole creation.

With that being said, what would be the best naming convention/deployment solution for the new network.

I would love to rename my domain to corp.company.ca and have two sites in one domain (one in each city), but that is not an option.  I have thought about this and since I have never worked in a multi domained environement (and never deployed one) I would love some feedback.

Can the other domain be the same one I have created (corp.city2.company.ca) and still be part of the same forest?  

I "think" that with the corp in the front and users logging into "corp", it will not know if it's city1, or city2.  That's my concern.

Or should I rename mine to city1.company.ca and the new domain to city2.company.ca?  Thius making people logging into their respective cities, which is their respective domain.

Thanks.
0
Comment
Question by:crazycanuck42
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 12454270
Depending on the resources I would consider a single forest, mutiple domain model.
Have three domains - one for each city and a single resource domain. The resource domain contains the Exchange server and anything else that needs to be shared by all users (perhaps finance and file servers at a later date). It doesn't contain any users.
The users have their accounts in the city domain but can access other resources in the other domain, depending on the permissions that have been set.

You cannot have two domains both called corp, so you should change them to just city1, city2 etc. It puzzles me as to why you used a sub sub domain anyway. If I was setting it up, I would have used the main domain (company.ca) or at most a single sub domain - perhaps "ad.company.ca".

However this all depends on how large the two sites are and what kind of connection is available between the two sites. If we are talking 15 users per office, then it is a total overkill and I would go for a single domain model, with each office having its own dc and possibly Exchange server.
If we are talking 200 users per office, then perhaps either of the scenarios are justified.

Yet if the link between the two sites can only be a wet bit of string at best, then a different model, perhaps seperate domains with trusts might be the better option.

Simon.
0
 
LVL 11

Expert Comment

by:WeHe
ID: 12456431
other considerations:
if you want a complete isolated enviroment, you need 2 forests.
if you have w2k3 domains, you can establish forest trusts to connect them and use the ad's of both.
(but they must have different names)
the easier to administer solution will be a single-domain model and usage of sites.
to serve your spn login needs, you have to make a 3 domain model (root and one domain per site)
0
 

Author Comment

by:crazycanuck42
ID: 12458140
Thanks Sembee... the reson for the sub domain was decided upon well before I got here.  I wanted just city1.company.ca but that collided with some other naming convention that was in place.  Also, it was mentioned that within the city would separate into two companies with two networks, but now that's not going to happen.  

In the three domain model, would I need an exhange front end server with a DC in company.ca and two backend exchange with DC's in city1.company.ca and city2.company.ca?

The link between the offices are basically unlimited.  Right now it's on a 10 MB lan extension, but we actually have OC12 lines connecting the office that I can tap some bandwidth from.  We have about 100 users in each city and 10 more in a third city connected through dual T1.  

What would be the best naming convention with the three domain model?  It has already been agreed that the two forest model is not an option.  I would prefer the one domain model, but I don't hink that would get approval.  Can I get away with a two domain model?  
0
 
LVL 104

Accepted Solution

by:
Sembee earned 1200 total points
ID: 12458486
If you went the three domain, single forest model, then all the Exchange resources would sit in the third resource domain - even if this meant that there was an Exchange server in both offices. The problem with this model is hardware. If you went down that path it would require at least eight servers, and that is without redundancy.

Resource domain.
2 x DC (one in each office)
2 x Exchange (one in each office)

City 1 Domain
1 x DC
1 x File and everything else server

City 2 Domain
1 x DC
1 x File and everything else server.

Ideally you should have two domain controllers in each domain.

As for Exchange, a front-end server provides resources for the backend servers, and cannot serve more than one domain. Therefore it would either have to serve Exchange servers in the same domain, or you would need two front-ends, one for each domain. It depends on the model you go for.

However with only 100 users in each city, I would probably consider a single domain, single forest scenario.
Exchange server and DCs in each office to keep the internetwork traffic down. The users can move between offices quite happily and access resources in both sites.
If you need to create login scripts, drive mappings etc, then there are techniques that can be used to identify what site a user is on, or which site they belong to and fire settings appropriately.

Simon.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question