Solved

Domains Structure

Posted on 2007-11-23
10
262 Views
Last Modified: 2010-04-18
Hello,

Right basically I have a Windows 2003 server Standard Edition running company.com as a domain controller, DNS, DHCP (192.168.0.X), SQL, Exchange 2003. I know SQL and exchange is not a good practise, but there we are.

So now, I'm getting another server today at the company.com location to set it up, once its setup it will be moved to its hotel. Now company.com is a name front of several hotels. What we aim to do is have hotel1.company.com, hotel2.company.com etc as child domains under company.com.

We plan to keep 3 servers in a datacentre with MPLS lines going to the hotels. What we intend to do is have 1 server as company.com and the other 2 will be the hotel software and database's.

Now we can also have companyhotels.com as a new domain leaving company.com isolated as the head quarters. But we dont want this, as company.com owns companyhotels.com and the hotels beneath them. e.g. hotel1.companyhotels.com etc.  

So were looking for a way to structure this appropriately.
0
Comment
Question by:stesynth
  • 5
  • 3
  • 2
10 Comments
 
LVL 19

Accepted Solution

by:
SteveH_UK earned 300 total points
ID: 20338448
You can use domain trusts to introduce companyhotels.com as a second (and subsequent) domain trees inside your forest.  Then you can assign permissions as needed.

Can I recommend strongly that you have at least two domain controllers for each domain.  Because this means a lot of o/s instances, I would also recommend that you consider using virtual machines to represent your client domains, as the pricing structure is beneficial.

If you need customer isolation then this is the way to go.  If not, then you could administer all systems in a single domain.  Remember, this is the Active Directory domain and does not necessarily have to match your DNS registrations on the Internet.
0
 
LVL 6

Assisted Solution

by:-DJL-
-DJL- earned 200 total points
ID: 20338550
Are you trying to match your internet domain structure with your active directory structure?

How many Computers/Users would there be in each domain (at each hotel)?  Is IT supported by you centrally or does each hotel have its own IT dept.

Would a single active directory domain based on company.com be a better solution?

0
 

Author Comment

by:stesynth
ID: 20338820
No, i'm not trying to match the Internet domain structure with active directory. What I'm going to do is instead use my exisiting forest and make a new domain tree with a different name.

Do you think thats possible?

A single active direcory is what I want really.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20338839
You can do this.  When you dcpromo you indicate that it is a new domain (not child) in the existing forest.
0
 
LVL 19

Assisted Solution

by:SteveH_UK
SteveH_UK earned 300 total points
ID: 20338846
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 6

Assisted Solution

by:-DJL-
-DJL- earned 200 total points
ID: 20338913
As SteveH_UK says you can do what your asking.

However, I think you really need to be asking yourself if you really need that many domains. How bigs your organisation?

What are you trying to achieve by having all these domains?
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20338930
I agree.  It doesn't sound sensible to have this number of Active Directory domains.  One AD domain with appropriate OUs and security may be sufficient.
0
 

Author Comment

by:stesynth
ID: 20339007
Its a International Chain of Exclusive Hotels. I think I know how many domains I need.
0
 
LVL 6

Expert Comment

by:-DJL-
ID: 20339033
Fair enough.

Good luck.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20339161
OK, but make sure you have two DCs per domain.  And a single forest will work.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now