Solved

Active Directory Design

Posted on 2006-10-27
Last Modified: 2010-03-18
Hi!

I would like to run one domain with Windows Server 2003 for 30-40 small companies (3-10 computers). The idea is to have one domain (company.local) and give all the companies access to domain services (Printers, Folder Redirection, Remote Access, DNS, DHCP, SharePoint ...). All the companies would be located in one business building, so there is no need to create a Site (or maybe I'm wrong?) and I have only one server. There is no need to have more than one, because all the companies together would have cca. 100 employees.
There is one more "wish": only the computers in the same company can see each other, so that a computer from company A cannot see the computers from company B.

Is all this possible to do with AD design? Any suggestion? Please. ;-)
If not, please give me a hint how to solve this task.

Thanks a lot to all!!!

U.
0
Comment
Question by:urosl
6 Comments
 
LVL 6

Accepted Solution

by:
camacho_marco earned 125 total points
ID: 17824197
You can create 1 domain, and use VLANs to separate each company; in each VLAN you can create access lists.

Cheers
0
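The one-domain, VLAN-per-company layout with access lists suggested in the accepted answer, sketched as an added example (it is not part of the original thread). The address ranges, VLAN IDs and the default-deny policy are assumptions constructed for illustration; the rules are vendor-neutral tuples, not any switch's own syntax.

```python
import ipaddress

# Constructed values: the thread gives no addressing, VLAN IDs or ACL policy.
SERVER_NET = ipaddress.ip_network("10.0.10.0/24")  # shared DC, DNS, DHCP, print, SharePoint
TENANT_POOL = ipaddress.ip_network("10.1.0.0/16")  # carved into one /28 per company
FIRST_TENANT_VLAN = 101

def build_plan(companies):
    """Give each company its own VLAN and /28 (14 usable hosts, enough for 3-10 PCs)."""
    subnets = TENANT_POOL.subnets(new_prefix=28)
    return {name: {"vlan": FIRST_TENANT_VLAN + i, "net": next(subnets)}
            for i, name in enumerate(companies)}

def build_acl(plan, company):
    """Ordered rules for routed traffic leaving one company VLAN; first match wins."""
    net = plan[company]["net"]
    return [
        ("permit", net, SERVER_NET),   # domain services on the shared server VLAN
        ("deny", net, TENANT_POOL),    # explicit: no route into any other company
    ]                                  # anything unmatched falls to the implicit deny

def is_allowed(plan, company, src_ip, dst_ip):
    """Decide whether a packet from a host in `company` reaches dst_ip."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    net = plan[company]["net"]
    if src not in net:
        raise ValueError(f"{src} is not in {company}'s subnet {net}")
    if dst in net:
        return True  # same VLAN: switched at layer 2, never evaluated by the ACL
    for action, src_net, dst_net in build_acl(plan, company):
        if src in src_net and dst in dst_net:
            return action == "permit"
    return False  # implicit deny

def cross_tenant_leaks(plan):
    """Return every (from, to) company pair where the policy lets traffic through."""
    first_host = {name: str(next(entry["net"].hosts())) for name, entry in plan.items()}
    return [(a, b) for a in plan for b in plan
            if a != b and is_allowed(plan, a, first_host[a], first_host[b])]

if __name__ == "__main__":
    plan = build_plan([f"company{n:02d}" for n in range(1, 41)])
    print(plan["company01"], cross_tenant_leaks(plan))
```

Running `cross_tenant_leaks` after every change to the plan gives a quick regression check that no company-to-company path has been opened before the rules are translated into the router's own access-list syntax.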
 
LVL 2

Expert Comment

by:ACCUmarc
ID: 17824567
One domain and implementation of VLANs are going to be your best options.  Is there any particular reason why you need to "hide" each group from the others?
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 17825373
Well, I personally think you will need more than one server, if not just to allow for redundancy for your client customers..  you certainly don't want to go down the road of upsetting these customers if something goes south on your server...

VLANs would effectively stop NetBIOS broadcasts, but be prepared to purchase a higher-end switch (layer 3) or a combination of a managed layer 2 switch with a good router...

I think that if I were in your position, and if you don't have a really, really good understanding of all these concepts, I would hire an outside consultant to come in and discuss this with you...  I mean, this is business, and security for your customers is a prerequisite before you go any further..  interview some possible consultant candidates, and make sure they understand your business model before spending any money on hardware...

JMHO...

FE
0

 

Author Comment

by:urosl
ID: 17825707
Thanks all for the suggestions.

Yes, I will have at least two servers (2nd for redundancy) if the first goes down.

Yes, there is a reason why to hide computers from each group: security. If you don't see the possible target you do not have the desire to come in for it. ;-)

This suggestion from Fatal_Exception about a managed Layer3/2 switch is a very good idea. And of course I will do the consultation with an IT expert for this.

Thanks a lot for your "worries" about my project and I hope that some day I can return the favor with my opinion.

Bye,
U.
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 17825873
No problem and best of luck with this!  Nice to see new business models, and entrepreneurs in the TA's....

FE
0
 
LVL 6

Expert Comment

by:camacho_marco
ID: 17838914
Thanks 4 the point Amigo!!!!

0

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question