12:50 PM
Kinsz
Domains are more of a blast than forests because lots of the genuine administrative work goes on at this level. It's where you place almost all of your users, groups, and resources.
It's where you allot most group policies, and almost all of the time it's where the servers that run all your services are. And, tHere's something truly neat about scanning through Active Catalog and finding the machine that?s running your web box, then find- ing the machine that contains your 70-680, and knowing full well you can make most anything you need occur (well, anything within the security policy, that's). You Do not want to start deleting or bringing down your servers. That wouldn?t be pleasing in any way.
Typically, this is founded on the kind of servers you've got and the operations which are currently being conducted. But don't forget, a domain?s functional level is limited by the forest?s operating level.
It's easy to go up, but hard to go down.Just like the Active Catalog forest operating level, each domain functional level has its own advantages and restrictions, as shown in Table 1.2.
For the needs of this book, which is geared at the large enterprise level, it is almost not worth debating the concept of single-domain architecture, but I will be able to for the sake of completeness.
A single-domain design is a design where inside a forest there is only one single domain, often functioning as a domain controller. At this level, most domain directors are also firm administrators. It's uncommon to see a situation in which a huge organisation has only one domain with no subdomains or other adminis- trative breakdowns.
The benefit to having a single domain is simpleness. If you have got everything in one spot, it's dif?cult to get lost in the maze of executive breakdowns, the schema may not be complicated, and Group Policy has less of a chance of running amok.
It's where you allot most group policies, and almost all of the time it's where the servers that run all your services are. And, tHere's something truly neat about scanning through Active Catalog and finding the machine that?s running your web box, then find- ing the machine that contains your 70-680, and knowing full well you can make most anything you need occur (well, anything within the security policy, that's). You Do not want to start deleting or bringing down your servers. That wouldn?t be pleasing in any way.
Typically, this is founded on the kind of servers you've got and the operations which are currently being conducted. But don't forget, a domain?s functional level is limited by the forest?s operating level.
It's easy to go up, but hard to go down.Just like the Active Catalog forest operating level, each domain functional level has its own advantages and restrictions, as shown in Table 1.2.
For the needs of this book, which is geared at the large enterprise level, it is almost not worth debating the concept of single-domain architecture, but I will be able to for the sake of completeness.
A single-domain design is a design where inside a forest there is only one single domain, often functioning as a domain controller. At this level, most domain directors are also firm administrators. It's uncommon to see a situation in which a huge organisation has only one domain with no subdomains or other adminis- trative breakdowns.
The benefit to having a single domain is simpleness. If you have got everything in one spot, it's dif?cult to get lost in the maze of executive breakdowns, the schema may not be complicated, and Group Policy has less of a chance of running amok.
About the Author:
A much more realistic design structure (one much more often seen both in the real world and on the MCTS Windows 7 Configuration) is a multiple-domain architecture wherein an organization has multiple MCITP Certification, locations, departments, or other signifying differentiations that require the administrative structure to be broken down into simpler parts.
0 comments:
Post a Comment