We help IT Professionals succeed at work.

Active Directory Design

urosl
urosl asked
on
Medium Priority
226 Views
Last Modified: 2010-03-18
Hi!

I would like to run one Domain with Windows Server 2003 for 30-40 small companies (3-10 computers). To have one domain (company.local) and give all the companies access to domain services (Printers, Folder REdirection, Remote Access, DNS, DHCP, SharePoint ...). All the companies would be located in one bussines buliding, so there is no need to create Site (or I'm maybe wrong?) and I have only one server. There is no need to have more than one, becouse all the companies together would have cca. 100 employees.
There is one more "wish": Only the computers in the same company can see ich other, so that computer from company A can not see the computers from company B.

Is all this possible to do with AD design? Any suggestion? Please. ;-)
If not, please give me a hint how to solve this task'

Thanks a lot to all!!!

U.
Comment
Watch Question

You can create 1 domain, and use VLAN's to separate each company, in each vlan you can create access list's.

CHeers

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Commented:
One domain and implementation of VLANs are going to be your best options.  Is there any particular reason why you need to "hide" each group from the others?
Fatal_ExceptionSystems Engineer
Top Expert 2005

Commented:
Well, I personally think you will need more than one server, if not just to allow for redundancy for your client customers..  you certainly don't want to go down the road of upsetting these customers if something goes south on your server...

VLANs would effectively stop Netbios broadcasts, but be prepared to purchase a higher end switch (layer 3) or a combination of a managed layer 2 switch with a good router...  

I think that if I were in your position, and if you don't have a really, really good understanding of all these concepts, I would hire an outside consultant to come in and discuss this with you...  I mean, this is business, and security for your customers is a prerequisite before you go any further..  interview some possible consultant candidates, and make sure they understand your business model before spending any money on hardware...

JMHO...

FE

Author

Commented:
Thanks all for the suggestions.

Yes, I will have at least two servers (2nd for redundancy) if the first goes down.

Yes, there is a reason why to hide comupters from each group: security. It you don't see the possible target you do not have the desire to come in for it. ;-)

This suggestion from Fatal_Exception about managed Layer3/2 switch is verry good idea. And of course I will do the consultation with IT expert for this.

Thanks a lot for your "worries" about my project and hope that some thay I can return you with my opinion.

By,
U.
Fatal_ExceptionSystems Engineer
Top Expert 2005

Commented:
No problem and best of luck with this!  Nice to see new business models, and entrepreneurs in the TA's....

FE
Thanks 4 the point Amigo!!!!

Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.