Understanding multi-domain sites

Hi,

I am currently doing my MCIPT certification, and I have a query in regards to mutli-site multi-domains. If I create a domain called trey.net and then for another site create a researct.trey.net child domain, how do I configure the site in sites and services console? Do I also add the child domain as a site or do I keep them separate?

Whats the difference between creating a child domain and creating a completely separate domain and creating a trust between them?

thanks
Network_PadawanAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Blake_1Connect With a Mentor Commented:
Some points:

- Sites and Services is a forest-level configuration item, they are common to all Domains.  When you promote a Domain Controller it will prompt you for the site it is to be allocated to.
- 'One Domain per division' as a rule is a poor design choice.  As mkline has indicated, a single domain is preferable and there are a number of advantages of this the first of which is simplicity.  If there is a business requirement to have separate domains then sure, otherwise just use a single domain.
- Separate forests are really only used in a few scenarios eg simulation environment, company merger, corporate extranet, etc.  Avoid unless there is a business requirement.
0
 
Mike KlineConnect With a Mentor Commented:
You can use the same sites for your domain controllers as sites can span domains so lets say you have an HQ site in New York City you can have DCs from multiple domains in that site.

Not a big difference between the child domain and the separate domain in terms of AD.  You won't have to create a trust for the child and you get the contiguous namespace with the child domain.

I'd try to go for a single domain if possible but if you had to go with a second domain I'd go with the child vs a new tree.

Thanks

Mike
0
 
Network_PadawanAuthor Commented:
hi mkline, if i worked for a company that had 9 divisions, all with their own users and groups, different network, would they all be child domains or would it be better to have them as a different forest?

Im wondering about things like, what if the business wanted to sell that division?

Eg,

Do I create engineering.net and a remote site nepean.engineering or do I create nepean.net and create a trust?

I guess what I am looking for is, when, from a design point of view, do I create a new forest or create a subdomain and how does that affect the user and groups in terms of IT administration?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Network_PadawanAuthor Commented:
So if I have a site in Sydney, another in London, and another in NY, they should all be in the same single parent domain instead of 3 separate child domains? Why would that be?
0
 
Blake_1Commented:
Unless there is the need to separate the domains due to a business requirement, eg different administrators per region who do not work as part of a global team, or each location is a distinct business unit, then no.  Domains are not intended to group Active Directory geographically, this is what sites are for.
0
 
Mike KlineCommented:
Domains can also be seen as replication boundaries, in a global setup like that it is not uncommon to see a NorthAmerica, Europe, and Australia (or Asia).  



Thanks

Mike
0
 
Network_PadawanAuthor Commented:
Hi Mike,

Before I close this thread, are you suggesting that replication boundaries can be a good reason for child domain or no, thats not the case?

Lets say a company has bought out 6 companies, and they all work under their own business names but there is a centralized IT team. At the moment they all have trusts between child domains and whatnot, if I was to come in and propose a re-design, would I suggest a single domain?

What if someone asks me? What if we need to sell one of the companies?

Sorry Im just trying to get my head around what is the best design decision and why.
0
 
MidnightOneConnect With a Mentor Commented:
Sites and domains are entirely independent of one another. I use (and haven't really seen other uses in the real world) site as a boundary for replication and actual physical locations.

As far as domain design, the old rule was if you need different security you create a new domain. Under Windows 2008 and its multiple password policies options this is less true.

0
 
Network_PadawanAuthor Commented:
thanks
0
All Courses

From novice to tech pro — start learning today.