Active
Directory in Networks Segmented by Firewalls
This white paper describes best practices for
deploying Active Directory domain controllers
in segmented networks and includes detailed procedures
for configuring IPSec policies to protect Active
Directory traffic between domain controllers on
opposite sides of a firewall and recommended practices
for managing IPSec policies that are assigned
to domain controllers. Source: Microsoft.com
Best
Practices for Designing the Active Directory
Structure
This TechNet Briefing provides an introduction
to Active Directory design and assumes no prior
exposure to Active Directory. Shows how to design
an Active Directory structure using best practices
from Microsoft©s Joint Development Partners.
Designing
an Active Directory naming scheme
If you'd like to learn more about fully qualified
domain names in large organizations, an excellent
poster comes with the Windows 2000 Server Resource
Kit. This poster illustrates the concepts that
I've discussed in this article in an easy-to-follow
format. Source: EarthWeb
DNS Namespace Planning
Microsoft Knowledge Base Article: 254680 - The
resolution of names through the use of Domain
Name System (DNS) is central to Windows 2000
operation. Without proper name resolution, users
cannot locate resources on the network. It is
critical that the design of the DNS namespace
be created with Active Directory in mind and
that the larger namespace that exists on the
Internet not conflict with an organization's
internal namespace
DNS
Requirements for Deploying Active Directory
This document provides checklists for verifying
sufficient resources for the Domain Name Service
(DNS) infrastructure when deploying the Windows©
2000 Active Directory? service. Alternatively,
you can use the dcdiag command line tool to
automatically verify whether you have the configuration
described in this document. You may download
the tool from here.
Source: Microsoft.com
Establishing
an Active Directory structure: Planning AD domains,
forests, and trusts
Rolling out a Windows 2000 Active Directory
on your network is no easy task. This is the
second part of a series that will guide you
through the steps of creating an effective Windows
2000 Active Directory structure for your network.
Source: EarthWeb (Aug 24, 2000)
Establishing
an Active Directory structure: Designing an
AD naming scheme
This is the first part of a multi-article series
that will guide you through the steps of creating
an effective Windows 2000 Active Directory structure
for your network. Source: EarthWeb (Aug
24, 2000)
Guide
to Active Directory Design
This white paper presents a brief summary and
overview of current design principles for corporations
that are in the planning stages of deploying
Microsoft© Windows? 2000
Server and Microsoft Active Directory©. This
white paper presents some of the high-level
design decision points that a large corporation
must consider and validate within the corporation's
environment. Source: Microsoft.com (Sept 11,
2000)
HOW TO: Create a
Single Domain Tree with Two Domains in Windows
2000
Microsoft Knowledge Base Article: 317696 - Every
Domain Name System (DNS) name of a child domain
in a hierarchy contains the name of the parent
domain. This step-by-step article describes
how to create a continuous namespace that spans
two domains by adding a child domain.
Planning
Active Directory domains, forests, and trusts
In the first article of this series, " Designing
an Active Directory naming scheme ," Brein Posey
discusses the importance of using a well-organized
naming structure in developing your Active Directory
layout. Source: EarthWeb
Planning
for a Global Directory Service
Downloadable whitepaper from Microsoft, describes
how companies can minimize costs, improve functionality
and increase their ability to respond to change
by consolidating directories and implementing
a global directory service. Source: Microsoft.com
Sizing
Guidelines for Windows 2000 Domain Controller
and Global Catalog Server
Information Technology (IT) administrators
may not have the expertise or resources to adequately
test Windows 2000 Servers to determine
the hardware requirements for their environment.
This white paper details the methodology used
by one customer in conjunction with Microsoft
Consulting Services. It also describes the test
results, which could assist administrators in
sizing their own infrastructure hardware correctly.
Windows 2000 Domain Architecture: Design Alternatives
This document presents alternatives for designing
the Microsoft© Windows? 2000 Active Directory?
service, particularly for Domain architecture
and Organizational Unit (OU) hierarchy. It discusses
the pros and cons of various Active Directory
deployment architectures and assumes that readers
are already familiar with Active Directory.
Source: Microsoft.com (March 2002)
Windows 2000 DNS Integration
The purpose of this paper is to describe how
Microsoft Windows 2000 systems utilize the Domain
Name Service (DNS) to register and locate resources
within a Windows 2000 network, and to discuss
the issues related to integrating Windows 2000
in an existing DNS environment. by Morgan Stern,
Consultant, Global Engineering - Microsoft Alliance
Windows
2000 Active Directory Design: Restricting the
Enterprise Administrators Group
Windows 2000 offers an entirely new paradigm
to the design of a domain hierarchy. In previous
versions of Windows NT, each domain was a virtual
island. If users wished to access resources
in different domains, a complex system of manual
trusts was necessary to facilitate this. By
James Barrett, Senior Network Systems Consultant.
June 2000
Windows 2000 Active Directory Design - Dedicated Forest
Root
Microsoft's Windows 2000 operating system offers
an organization a significant amount of new
functionality and design flexibility. However,
these benefits do come at a price; design complexity
has increased considerably. By Peter J. Salmeri
& James N. Barrett. May, 2000 |
