Designing new AD structure
Posted on 2010-08-16
We are shortly going to be creating a new business unit, that requires a seperate AD forest from ours, so are thinking of potential designs for their AD 2008 structure.
Basically, they will have offices in emea, apac, usa and latam - multiple offices in multiple countries. They will have one Exchange org.
Some of my team are saying that we should create:
i) forest root: domain.com
ii) child domains of: emea.domain.com, apac.domain.com, usa.domain.com and latam.domain.com
However, I can't see the benefit of this - why not just one domain; domain.com, and split the continents into OU's, and have sub-OU's for the country etc?
Can anyone tell me the benefit of having multiple domains? The only one I can think of is password policy, since this is set in the Default Domain Policy, but I can't see that being an issue for us (unless apac want their own password policy to emea, say).