Link to home
Start Free TrialLog in
Avatar of urosl
urosl

asked on

Active Directory Design

Hi!

I would like to run one Domain with Windows Server 2003 for 30-40 small companies (3-10 computers). To have one domain (company.local) and give all the companies access to domain services (Printers, Folder REdirection, Remote Access, DNS, DHCP, SharePoint ...). All the companies would be located in one bussines buliding, so there is no need to create Site (or I'm maybe wrong?) and I have only one server. There is no need to have more than one, becouse all the companies together would have cca. 100 employees.
There is one more "wish": Only the computers in the same company can see ich other, so that computer from company A can not see the computers from company B.

Is all this possible to do with AD design? Any suggestion? Please. ;-)
If not, please give me a hint how to solve this task'

Thanks a lot to all!!!

U.
ASKER CERTIFIED SOLUTION
Avatar of camacho_marco
camacho_marco

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
One domain and implementation of VLANs are going to be your best options.  Is there any particular reason why you need to "hide" each group from the others?
Well, I personally think you will need more than one server, if not just to allow for redundancy for your client customers..  you certainly don't want to go down the road of upsetting these customers if something goes south on your server...

VLANs would effectively stop Netbios broadcasts, but be prepared to purchase a higher end switch (layer 3) or a combination of a managed layer 2 switch with a good router...  

I think that if I were in your position, and if you don't have a really, really good understanding of all these concepts, I would hire an outside consultant to come in and discuss this with you...  I mean, this is business, and security for your customers is a prerequisite before you go any further..  interview some possible consultant candidates, and make sure they understand your business model before spending any money on hardware...

JMHO...

FE
Avatar of urosl
urosl

ASKER

Thanks all for the suggestions.

Yes, I will have at least two servers (2nd for redundancy) if the first goes down.

Yes, there is a reason why to hide comupters from each group: security. It you don't see the possible target you do not have the desire to come in for it. ;-)

This suggestion from Fatal_Exception about managed Layer3/2 switch is verry good idea. And of course I will do the consultation with IT expert for this.

Thanks a lot for your "worries" about my project and hope that some thay I can return you with my opinion.

By,
U.
No problem and best of luck with this!  Nice to see new business models, and entrepreneurs in the TA's....

FE
Thanks 4 the point Amigo!!!!