Solved

Active Directory Design

Posted on 2006-10-27
6
182 Views
Last Modified: 2010-03-18
Hi!

I would like to run one Domain with Windows Server 2003 for 30-40 small companies (3-10 computers). To have one domain (company.local) and give all the companies access to domain services (Printers, Folder REdirection, Remote Access, DNS, DHCP, SharePoint ...). All the companies would be located in one bussines buliding, so there is no need to create Site (or I'm maybe wrong?) and I have only one server. There is no need to have more than one, becouse all the companies together would have cca. 100 employees.
There is one more "wish": Only the computers in the same company can see ich other, so that computer from company A can not see the computers from company B.

Is all this possible to do with AD design? Any suggestion? Please. ;-)
If not, please give me a hint how to solve this task'

Thanks a lot to all!!!

U.
0
Comment
Question by:urosl
6 Comments
 
LVL 6

Accepted Solution

by:
camacho_marco earned 125 total points
ID: 17824197
You can create 1 domain, and use VLAN's to separate each company, in each vlan you can create access list's.

CHeers
0
 
LVL 2

Expert Comment

by:ACCUmarc
ID: 17824567
One domain and implementation of VLANs are going to be your best options.  Is there any particular reason why you need to "hide" each group from the others?
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 17825373
Well, I personally think you will need more than one server, if not just to allow for redundancy for your client customers..  you certainly don't want to go down the road of upsetting these customers if something goes south on your server...

VLANs would effectively stop Netbios broadcasts, but be prepared to purchase a higher end switch (layer 3) or a combination of a managed layer 2 switch with a good router...  

I think that if I were in your position, and if you don't have a really, really good understanding of all these concepts, I would hire an outside consultant to come in and discuss this with you...  I mean, this is business, and security for your customers is a prerequisite before you go any further..  interview some possible consultant candidates, and make sure they understand your business model before spending any money on hardware...

JMHO...

FE
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:urosl
ID: 17825707
Thanks all for the suggestions.

Yes, I will have at least two servers (2nd for redundancy) if the first goes down.

Yes, there is a reason why to hide comupters from each group: security. It you don't see the possible target you do not have the desire to come in for it. ;-)

This suggestion from Fatal_Exception about managed Layer3/2 switch is verry good idea. And of course I will do the consultation with IT expert for this.

Thanks a lot for your "worries" about my project and hope that some thay I can return you with my opinion.

By,
U.
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 17825873
No problem and best of luck with this!  Nice to see new business models, and entrepreneurs in the TA's....

FE
0
 
LVL 6

Expert Comment

by:camacho_marco
ID: 17838914
Thanks 4 the point Amigo!!!!

0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question