Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 355
  • Last Modified:

Understanding multi-domain sites

Hi,

I am currently doing my MCIPT certification, and I have a query in regards to mutli-site multi-domains. If I create a domain called trey.net and then for another site create a researct.trey.net child domain, how do I configure the site in sites and services console? Do I also add the child domain as a site or do I keep them separate?

Whats the difference between creating a child domain and creating a completely separate domain and creating a trust between them?

thanks
0
Network_Padawan
Asked:
Network_Padawan
  • 4
  • 2
  • 2
  • +1
3 Solutions
 
Mike KlineCommented:
You can use the same sites for your domain controllers as sites can span domains so lets say you have an HQ site in New York City you can have DCs from multiple domains in that site.

Not a big difference between the child domain and the separate domain in terms of AD.  You won't have to create a trust for the child and you get the contiguous namespace with the child domain.

I'd try to go for a single domain if possible but if you had to go with a second domain I'd go with the child vs a new tree.

Thanks

Mike
0
 
Network_PadawanAuthor Commented:
hi mkline, if i worked for a company that had 9 divisions, all with their own users and groups, different network, would they all be child domains or would it be better to have them as a different forest?

Im wondering about things like, what if the business wanted to sell that division?

Eg,

Do I create engineering.net and a remote site nepean.engineering or do I create nepean.net and create a trust?

I guess what I am looking for is, when, from a design point of view, do I create a new forest or create a subdomain and how does that affect the user and groups in terms of IT administration?
0
 
Blake_1Commented:
Some points:

- Sites and Services is a forest-level configuration item, they are common to all Domains.  When you promote a Domain Controller it will prompt you for the site it is to be allocated to.
- 'One Domain per division' as a rule is a poor design choice.  As mkline has indicated, a single domain is preferable and there are a number of advantages of this the first of which is simplicity.  If there is a business requirement to have separate domains then sure, otherwise just use a single domain.
- Separate forests are really only used in a few scenarios eg simulation environment, company merger, corporate extranet, etc.  Avoid unless there is a business requirement.
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
Network_PadawanAuthor Commented:
So if I have a site in Sydney, another in London, and another in NY, they should all be in the same single parent domain instead of 3 separate child domains? Why would that be?
0
 
Blake_1Commented:
Unless there is the need to separate the domains due to a business requirement, eg different administrators per region who do not work as part of a global team, or each location is a distinct business unit, then no.  Domains are not intended to group Active Directory geographically, this is what sites are for.
0
 
Mike KlineCommented:
Domains can also be seen as replication boundaries, in a global setup like that it is not uncommon to see a NorthAmerica, Europe, and Australia (or Asia).  



Thanks

Mike
0
 
Network_PadawanAuthor Commented:
Hi Mike,

Before I close this thread, are you suggesting that replication boundaries can be a good reason for child domain or no, thats not the case?

Lets say a company has bought out 6 companies, and they all work under their own business names but there is a centralized IT team. At the moment they all have trusts between child domains and whatnot, if I was to come in and propose a re-design, would I suggest a single domain?

What if someone asks me? What if we need to sell one of the companies?

Sorry Im just trying to get my head around what is the best design decision and why.
0
 
MidnightOneCommented:
Sites and domains are entirely independent of one another. I use (and haven't really seen other uses in the real world) site as a boundary for replication and actual physical locations.

As far as domain design, the old rule was if you need different security you create a new domain. Under Windows 2008 and its multiple password policies options this is less true.

0
 
Network_PadawanAuthor Commented:
thanks
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now