ADS infrastructure design

[cm6043]

Hi All

I need help on designing Active Directory infrastructure and much appreciated if someone can provide me the information on following question.

Q1. For a company with offices in four different countries such as Taiwan, Australia, China and US. (Total 4000 users and each country have four branches). My question is that which ADS model is more suitable (one forest Single domain or one forest multiple domain)? And which replication topology (Hub-and-Spoke or Full-Mesh) will be the most suitable in this scenario

Q2. After migration to ADS, any action needed to be taken on client machine (such as manually join the new domain) ??


Q3. Is that possible to extract the user/group account information, shared folder permission from the NT or 2000 server using "SCRIPTS" ?


Regards


David Fan

 

[mitch141]

Hi David,

U need to look at a number of factors startig with.

1) Is the layout of the company enterpise, regional etc
2) Do you want to keep IT centralized or decentralized
3) How will the companies talk to each other i.e Dialup, T1 Line, Broadband?

I would personally go for mutliple domains due to the size of the company. Each one having its own domains and GC Servers etc that then talk to each other via the Schema. Make sure you can remotely manage the servers and have auduting setup so u can keep an eye on the local administrators and what they get up to. You will have to lock down the admin account and might even have to create specialised admin accounts depending on what access the local admin person is to have.

Stick to Hub and Spoke easier to manage.

To answer question 2 yes u will need to join the comps to the new domain name, or u can leave it to the DHCP server to that for u.

To answer question 3 look in the sys vol folder for the data you require. Also refer to the microsoft website on this type of migration.

I hope this helps, if u need any more info mail me at mitesh_121@hotmail.com