Active Directory and Group Policy (Windows Server 2012) best practices supposed do in a office Environment.

Dear Experts,

I would like to hear from all you about the implementation concept and best practices should be practised in an Office Environment - to expect best productivity, security and flexibility with in the department.

Please advice and share me the knowledge which you feels best. Thank you guys.

Shamil MohamedIT Infrastructure Engineer/IT Systems ManagerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
If there was one "right" way to do the things you are asking about then there would be no settings to change our group policies. Entire books have been written about the subjects you've brought up. It is simply impossible to condense that knowledge into a response here. And the authors' out those books would black ball me for it.
Shamil MohamedIT Infrastructure Engineer/IT Systems ManagerAuthor Commented:
Haha... Thank you Cliff,

Then could i come back with one by one..??
Aaron TomoskySD-WAN SimplifiedCommented:
1. Use (any subdomain of a top level domain) as your domain name. You don't want to change this later it's a huge pita.

2. Have at least two domain controllers, and at least one of them offsite and/or in the cloud. Don't back them up its bad to restore them.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Shamil MohamedIT Infrastructure Engineer/IT Systems ManagerAuthor Commented:
Dear Aaron,

Thank you for you suggestion. As i tried to replicate a additional domain controller at offsite leads to terrible disaster once due to improper syncing, dfs error.. I dont know.. whole thing went crap.

After spending some nights at office made things back into track again.

One more thing i am still in very doubtful that implementing domain controller.

Is it wise to deploy domain controller in virtual. Considering that domain controller hosting into baremetal seems not economic.

Please advice me.

Thank you.
Aaron TomoskySD-WAN SimplifiedCommented:
Virtual is good, just make sure that at least one DC stays up if anything fails. So don't put them both on the same shared storage or host.
Shamil MohamedIT Infrastructure Engineer/IT Systems ManagerAuthor Commented:
is it ok if I put one dc in one cluster and another secondary dc in second cluster. but second cluster run in 2 different subnet ( one subnet is same as first cluster).

thank you
Aaron TomoskySD-WAN SimplifiedCommented:
It will work with a single DC. The question is what happens when a switch or host goes down. You know you infrastructure and what is safe better than I do.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.