When are multiple domains better than one?
When, if ever, should one consider multiple domains for the enterprise? Currently, we have all users in a single domain. Our European sites are requesting a domain for each country. Our primary application program is J.D. Edwards and we are using Lotus Notes. With Win2000, I don't see much advantage, if any, to going to multiple domains. Can you please comment?
The only reason that you should consider multiple domains is:
Some part of the company that will use the other domain will need a different Account/Password group policy.
The division that you need a separate domain for is going potentially be sold or separated from the main company.
The division of the company needs separation for security reasons such a government requirements.
That is about it. It typically makes much more sense to create another Organizational Unit (OU) as opposed to another domain. Creating another domain will result in needing many new servers throughout the enterprise if you expect to operate smoothly. In addition, the extra domains result in much more additional administrative work. The OUs are flexible and can be used to delegate authority if that is what these different divisions want. Different group policies can be applied to the different OUs. Objects can be moved in and out of OUs. It is simply a much better way to go.
This was first published in September 2003