[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 520
  • Last Modified:

Single Forest/Single Domain utilizing OU/Sites - Is it Secure

Current Environment:
We have 3 administrators all having the same role (all trusted)

We have 3 separate single forest/single domains (staff.domain, lab.domain, and public.domain) to accommodate 3 separate functional areas (staff, labs and public). Each functional area has no access to the other areas all separated by vlans.  

Each forest/domain has two 2003 server domain controllers.  It was set up initially this way as a way to restrict access from each other.

Staff is made up of one subnet, public has 3 subnets and labs have 2 subnets. Each functional area has own resources and policies.

We are in the process of redesigning network.  We now have Windows 2008 R2.  Without compromising security between the functional areas, is it possible to redesign to create a single forest with a single domain using OUs and sites?   Total objects among all 3 domains are less than 1000.

Most documentation is geared at large geographical companies over WANS.  I am having a difficult time applying to our small environment.  We do not use Exchange.   Any suggestions would be most appreciated.  I can provide additional info.

What would be the pros/cons or if even feasible.
0
cspiegel
Asked:
cspiegel
  • 3
  • 2
3 Solutions
 
rharland2009Commented:
Do you need trusted relationships of any kind between the sites/OUs, or would their functional separation remain intact? It sounds like this, but I wanted to verify.

0
 
cspiegelAuthor Commented:
The only thing in common are the administrators.  No shared resources.  
0
 
rharland2009Commented:
You should be all set. All you'll lose is administrative overhead, in my opinion.

Link for domain migration, if you didn't want to start from scratch...

http://www.microsoft.com/downloads/details.aspx?familyid=B1F816C0-4E2B-4E5D-B256-1AC304062367&displaylang=en
0
 
cspiegelAuthor Commented:
Thanks, I am going to set up some virtual servers and test.  Have to run today but back at it on Monday.  I might have to ask for assistance along the way.  I will start Monday.  Thanks so much, I was a netware girl and am slowly grasping microsoft!
0
 
rharland2009Commented:
No problemo! It's fun to find out....
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now