I am new to Active Directory. Our company would like to set up an AD environment globally in one-tree structure with three regional roots: Asia-Pacific zone, American zone and European zone. I understand the normal way to do this is to set up a global root, then start implementing with all the policies and configuration down to the root of the three regional zones, then the sub-zone of the regional zones. However, we would like to set...
up our zone first (we are one of the regional zones) then later down that track, we would join the root and form a triangle zone with the remaining two zones.
I would like to know:
1) Is it possible to join the root if we do it in a bottom up approach rather than a top down approach?
2) Apart from the naming convention (already agreed globally) would there be other things that need to be standardized globally? My concern is that if the root is going to use different standard (rather than the naming convention) we may have to redo the whole thing again to make our region join back to the root.
3) Would the effort be bigger to do it this way rather than the top-down approach?
The first domain that you create in an Active Directory forest becomes the forest root domain. This domain must remain the forest root for the lifetime of the Active Directory forest; it cannot be restructured to become the child of another domain without rolling up or migrating to a new Active Directory forest.
If you wish to pilot AD in a child organization before the parent orgs are ready, you will probably need to use the Active Directory Migration Tool or another third-party migration tool to restructure your forest environment later down the line. If you have decided as an organization that you will be moving to AD anyway, my best recommendation would be to plan and perform the entire rollout as a single, rational process, rather than launching ahead with a small portion of the upgrade that will likely need to be re-done at a later time. This includes determining a consistent naming convention for your DNS and AD domain names and zones, as well as organizational and naming conventions for your user and computer objects.
Dig deeper on Microsoft Active Directory Design and Administration
Related Q&A from Laura Hunter
Active Directory expert Laura E. Hunter explains to a reader what must be done to change the default display specifiers for new users in Active ...continue reading
Active Directory expert Laura E. Hunter offers a tip for shortening client wait times.continue reading
Active Directory expert Laura E. Hunter tells a reader what to keep in mind when deleting subnets associated with sites being removed in an ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.