Domain Namespace Design

With Win2k's flexible Active Directory comes complexity. Here are six steps for effective namespace design.

Domain Namespace Design

Everyone can agree that Active Directory will be a more efficient Windows directory than the one in Windows NT 4.0. With this more flexible directory comes much more complexity.

So how do I create a domain namespace in Windows 2000 Active Directory? Well the answer will be longer than a single tip, but there is a single word answer that can get you headed in the right direction: Plan.

On that note, here are 6 steps toward effective namespace design (From Windows 2000 Active Directory by Alistair G. Lowe-Norris, O'Reilly and Associates, 2000).

  1. Decide on the number of domains
    Imagine one domain for all of your objects then make sure that each other domain created has a specific justification. You don't want to rename domains so make sure they will be static and will not become obsolete.
  2. Design and name the tree structure
    One domain will need to be the forest root. Once this is selected you will need to decide on a namespace naming scheme before you add additional trees.
  3. Design the workstation and server naming scheme
    Fully qualified Domain Names must be unique across the entire forest, so the addition of a unique prefix to identify a workstation or server can make the object name unique domain wide.
  4. Design the hierarchy of Organizational Units
    Organizational Units are much more flexible than Domains; administrative permissions are best applied in OUs.
  5. Design the users and groups
    Groups have only users or computers as members and can be used in assigning permissions to the members collectively.
  6. Design the Global Catalog
    The Global Catalog is needed to facilitate efficient searching of Active Directory.

For a more information on each of these steps and real world examples see Alistair G. Lowe-Norris's book Windows 2000 Active Directory.


This was first published in October 2000

Dig deeper on Microsoft Windows 2000 Server Administration

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close