The goal of this paper is to facilitate the design process for those DOE sites that are currently engaged in designing their Active Directory (AD) network. It is a roadmap to enable analysis of the complicated design tradeoffs associated with Active Directory Design. By providing discussion of Active Directory design elements which are permanent and costly to change once deployed, the hope is to minimize the risks of sponsoring failed designs, or joining existing infkastructures not suitable to programmatic needs. Specifically, most Active Directory structures will fall under one of three common designs: Single Domain, Single Forest with Multiple Domains, or Multiple Forests. Each has benefits and concerns, depending on programmatic and organizational structures. The comparison of these three approaches will facilitate almost any Active Directory design effort. Finally, this paper describes some best practices to consider when designing Active Directory based on three years of research and experience.
PDF
download
878987797
028-85220240
