Solved

Understanding trees, forests, etc in AD

Posted on 2009-05-14
5
531 Views
Last Modified: 2012-05-07
Hi

I am having a little trouble getting my head around forests, trees etc in AD.

So, I will give an example structure below and hope someone can help.

Let say my organisation is named Company.

I have one AD forest. If I look at the domain structure using ADUC, then I see two 'root' domains; Europe.company.com and US.Company.com

Europe.Company.com has child domains of UK.europe.company.com, France.europe.company.com and Germany.europe.company.com

In addition, UK.europe.company.com itself has two child domains of London.UK.Europe.company.com and Manchester.UK.Europe.Company.com

US.Company.com has two child domains; East.US.Company.com and West.US.Company.com

Would I be correct in saying there were two Trees here? Europe.Company.com and US.Company.com.

But what are the Leaves? And are there any other terms?

Also, what is the Forest root?

Any help appreciated!
0
Comment
Question by:bruce_77
  • 2
  • 2
5 Comments
 
LVL 6

Accepted Solution

by:
nettek0300 earned 300 total points
ID: 24390311
Company.com would be considered your forest, and europe.company.com and us.company.com are the trees.  There are no branches or leaves.  The link below provides a good explanation of them:

http://www.tech-faq.com/active-directory-tree-forest.shtml

If you google act. dir. forests and trees, you can find a lot of reading material on the subject.
0
 
LVL 2

Author Comment

by:bruce_77
ID: 24390405
Thanks...so what is the Forest Root - europe.company.com or us.company.com - or would it depend on which was created first?
0
 
LVL 18

Assisted Solution

by:Americom
Americom earned 200 total points
ID: 24390423
You have one forest company.com. The rest are just child domains. The forest root is the fist domain you have created like company.com, assuming this is the domain name. A forest with multiple tress usually consist of different domain names in the same forest such as compan1.com, company2.com etc.
See reference: http://technet.microsoft.com/en-us/library/dd441359(office.13).aspx
0
 
LVL 18

Expert Comment

by:Americom
ID: 24390448
Here are more references:
Acttive Dorectory Logical Models:
http://www.microsoft.com/technet/serviceproviders/wbh4_5/CMSU_CM_Plan_CONC_Alternative_Active_Directory_Design_Options.mspx?mfr=true

Expand the title of this link you will see other topics:
Single Forest and Single-domain model
Single Forest and Multiple-domain model
Multiple-Forests - Super Admin domain model
Multiple-FOrests - Super Admin Forest Model
0
 
LVL 2

Author Comment

by:bruce_77
ID: 24429572
Thanks guys.

Apparently, I've been told that we actually have two forests - Europe.company.com and US.company.com are two seperate forests, with a 2 way trust between them.

Is there any tool/view I can use to find out if we actually do have two forests or not?
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question