Active Directory

Active Directory Implementation – ITC Approach

Forest Model

ITC provide an overview of Forest Functionality to the customer discussing Schema, Global Catalogue and a definition of infrastructural elements such as domains and sites. Discussion is held regarding single vs. multiple forests and a recommended forest structure is proposed.

Domain Model

We provide an overview of Domain functionality, with particular emphasis on the ability of a native mode Domain to potentially scale to millions of objects. This enables large organizations to implement single domain models, which were previously impractical due to dated replication and the lack of inter scheduling and compression. Discussion is held on single vs. multiple domains, taking into account the number of domain controllers, centralised administration of AD objects, Organizational Units, Trusts, User relocation (WAN), Group Policy Management and Replication of AD objects. A recommended Domain structure is then presented.

DNS Design

Discussion of the hierarchical structure, also known as the namespace. For certain sites we cover the merits and demerits of using 3rd party vs. Microsoft DNS, with particular attention to:

  • Dynamic Updates
  • Incremental Zone Transfers
  • Scavenging
  • Automatic Replication of Active Directory integrated Zones.

We put forward a Namespace Design which covers DNS names used by Windows 2000 / XP clients and NetBIOS names used by clients running earlier versions of Windows. We propose a DNS Server Configuration which includes:

  • Server placement
  • Zone placement
  • Recursive name resolution method.

DNS Client configuration is covered, including the computer naming scheme and Resolver configuration.

OU Structure

Two main attributes are decided: delegation of administration and application of Group Policy.
Simplicity is emphasized.

Service Placement

Our approach to Service placement is based primarily on Site Topology. Areas of good bandwidth are defined with respect to their relatively slow interlinks. A bandwidth-efficient replication topology is designed with a view to providing local authentication and directory access mechanisms to clients. Advantage is taken of Microsoft’s Compression feature for WAN replication. Placement is decided for:

  • Domain Controllers
  • Global Catalogue Servers

FSMO Role placement is broken into:

  • Forest level (Schema Master and Domain Naming Master) and
  • Domain Level (PDC Emulator, RID Master and Infrastructure Master).

WINS Design

TechNiche recognise that down-level clients and certain applications require NetBIOS name resolution methods such as WINS or LMHOSTS. The design process is governed by WAN traffic minimisation, administration effort reduction, redundancy and fault tolerance. A WINS design is then submitted.

DHCP Design

DHCP is designed to provide DNS, WINS and Default Gateway addresses along with the NetBIOS Node Type. The objectives are similar to those of the WINS design: redundancy / fault tolerance, reduction in WAN traffic and streamlined administration. Placement is as important as that of DNS Server placement. Scope splitting is generally proposed.

Typically, after thorough discovery analysis, a preliminary report detailing the above topics is provided on a consultative basis, followed by a comprehensive Project Plan outlining the various stages, timescales and resources required to bring the project to completion.

ITC use a range of proven project-specific software tools provided by Microsoft, Quest, etc. to assist with migration or upgrade.
