Lesson 1: Design Overview

Previous page
Table of content
Next page

This lesson introduces you to the Active Directory infrastructure design. It also explains the tools you need to create an infrastructure design and provides an overview of the design process.

After this lesson, you will be able to

  • State the function of an Active Directory infrastructure design
  • Explain the benefits of creating an Active Directory infrastructure design
  • Describe the resources necessary to create an Active Directory infrastructure design
  • Describe the Active Directory infrastructure design process
  • Recall the design guiding principles

Estimated lesson time: 10 minutes

What Is an Active Directory Infrastructure Design?

Before you implement Active Directory in your organization, you need to devise some type of plan. An Active Directory infrastructure design is a plan you create that represents your organization's network infrastructure. You use this plan to determine how you will configure Active Directory to store information about objects on your network and make the information available to users and network administrators. This self-paced training kit provides a framework for developing your Active Directory infrastructure design.

Because your Active Directory infrastructure design is key to the success of your Windows 2000 deployment, you must thoroughly gather information for, develop, and test your design before deployment. A significant amount of rethinking, redevelopment, and retesting may also be necessary at various points during the design process to ensure that your design meets the needs of your organization. An effective infrastructure design helps you provide a cost-effective deployment, eliminating the need to spend time and money reworking your infrastructure.

Design Tools

To develop an effective Active Directory infrastructure design, you must assemble the following tools:

  • Design team
  • Business and technical analyses
  • Test environment

Assembling a Design Team

Before you begin designing your Active Directory infrastructure, you must identify the people in your organization who should be involved in the design process and assemble them into a design team. The obvious candidates for the design team are the system and network administrators. However, because your infrastructure design must encompass enterprise-wide business requirements, the team must also include input from staff and management who represent a cross section of your organization. To ensure that all aspects of your organization are addressed in your Active Directory implementation, you may want to employ a multilevel team design consisting of three panels:

  • Infrastructure designers
  • Staff representatives
  • Management representatives

The infrastructure designers panel consists of the key personnel involved in designing your Active Directory infrastructure. To avoid slowdowns that naturally occur when a number of people are involved in making decisions, the infrastructure designers have authority and are the driving force behind the infrastructure design process. Although the number of members may vary depending on the size of the organization, the infrastructure designers panel should contain system administrators, network administrators, and members of the information technology management organization. During the design process, infrastructure designers function as consultants, performing the following tasks:

  • Interviewing staff and management representatives to understand their business and their customers
  • Interviewing staff and management representatives to determine system needs
  • Interpreting system needs and incorporating them into infrastructure design decisions
  • Facilitating collaborative design decisions between business units

The skills set for infrastructure designers must include both Windows 2000 technical skills and soft skills. Soft skills are the abilities to "read" people and to communicate and collaborate with them in a diplomatic fashion. Though it's imperative for members of this panel to maintain a high level of Windows 2000 and Active Directory knowledge, it is also extremely important for the members to be proficient in interviewing people, understanding business needs, and facilitating a collaborative environment between people and business units in an organization. Almost three-fourths of the time spent developing an infrastructure design may be spent working with people to determine organizational needs. Infrastructure designers who lack soft skills may require additional training to ensure the success of their Active Directory infrastructure design.

NOTE

This self-paced training kit assumes that you are an infrastructure designer or one of the key personnel involved in designing the Active Directory infrastructure for your organization.

The staff representatives panel consists of personnel throughout the organization who are responsible for carrying out daily operations. The panel should contain an exemplary staff member from each business unit or department within the organization. During the design process, staff representatives function as advisors, performing the following tasks:

  • Communicating information about business functions and customers to infrastructure designers
  • Communicating business needs to infrastructure designers
  • Communicating and collaborating with staff representatives from other business units in the enterprise to make infrastructure design decisions
  • Reviewing design decisions made by infrastructure designers

The skills set for staff representatives must include the ability to understand and openly communicate business needs for the business unit they represent and an interest in taking part in infrastructure design. It is not necessary for staff representatives to maintain high levels of Windows 2000 technical knowledge.

The management representatives panel consists of management level personnel who are responsible for approving business decisions within the organization. The panel should contain a selected group of upper-level business unit managers. Management representatives must have the authority and ability to approve and support design decisions made by infrastructure designers at each stage of the design development process. Requiring management approval at each stage of development invites scrutiny throughout the design process and encourages managerial support for the finished design. During the design process, management representatives function as advisors and gatekeepers, performing the following tasks:

  • Communicating information about business functions and customers to infrastructure designers
  • Communicating business needs to infrastructure designers
  • Communicating and collaborating with management representatives from other business units in the enterprise to make infrastructure design decisions
  • Reviewing and approving design decisions made by infrastructure designers

The skills set for management representatives must include the ability to understand and openly communicate business needs within the business unit they represent and an interest in taking part in infrastructure design. It is not necessary for management representatives to maintain high levels of Windows 2000 technical knowledge.

Figure 2.1 shows the design team assembled by Hiabuv Toys, a fictitious toy company. Note that communication and information flows between the staff and management representatives while it ultimately flows up to the infrastructure designers.

click to view at full size

Figure 2.1 Multilevel team design for Hiabuv Toys

The design team members selected for each panel must be willing and be permitted to commit their time and talents throughout the design process to ensure that the infrastructure design effectively meets the requirements of their organization.

Analyzing Business and Technical Environments

After you've assembled a design team, the next design tools you need to assemble are analyses of your organization's business and technical environments. Most often, your organization will have a business infrastructure or network already in place; it's up to you as an infrastructure designer to call on members of the design team to help you assemble documentation about these environments. You will learn how to analyze your business and technical environments in Lessons 2 and 3.

REAL WORLD

Read the "Designing in the Real World: Pre-Design Processes" interview with Dave Trulli, Program Manager, Microsoft Corporation, for a real-world perspective on some pre-design processes, including assembling a design team, gathering information for business and technical environment analyses, and distributing information to members of the design team. You can find the interview on the Supplemental Course Materials CD-ROM (\chapt02\Interview).

Testing Environment

After you complete your infrastructure design, you should be prepared to test it in a test environment. A test environment is a simulation of your production environment that allows you to test parts of your Windows 2000 deployment, such as your Active Directory infrastructure design, without risk to your organization's network. To ensure the success of your organization's Windows 2000 deployment, your organization should establish a test environment.

IMPORTANT

Building a Windows 2000 test lab and the planning and conducting of tests in the lab are beyond the scope of this course. For more information on the lab development and testing processes, refer to the Microsoft Windows 2000 Server Deployment Planning Guide volume of the Microsoft Windows 2000 Server Resource Kit.

By setting up your infrastructure design in a test environment, you will be able to see how the design actually works and determine whether any changes are necessary for improvement. Setting up your design in a test environment is an invaluable tool in the development of an effective design.

The Design Process

After you've assembled your design team, gathered business and network analyses, and established a test environment, you're ready to begin planning your infrastructure design. As illustrated in Figure 2.2, the Active Directory infrastructure design process consists of four stages:

  1. Creating a Forest Plan
  2. Creating a Domain Plan
  3. Creating an Organizational Unit Plan
  4. Creating a Site Topology Plan

click to view at full size

Figure 2.2 Stages of the Active Directory infrastructure design process

You should be aware that designing your Active Directory infrastructure is an iterative process—you will be revisiting each stage of the process several times before your design is ready for implementation.

Stage One—Creating a Forest Plan

During this stage, you consult your business and technical analysis documents and assess the forest structure your organization requires. You also assess any changes currently planned to address growth and flexibility needs and changes that would help meet the ideal design specifications of the organization. From these assessments you design a forest model.

In this stage you also create a schema modification policy, a plan that outlines who has control of the schema and how modifications that affect the entire forest are administered. You assess an organization's schema needs and, adhering to the schema modification policy, you determine whether to modify the schema. If it is necessary to modify the schema you design a schema modification plan.

Stage Two—Creating a Domain Plan

When you create a domain plan, you consult your business and technical analysis documents and assess the domain structure your organization requires. You also assess any changes currently planned to address growth and flexibility needs and changes that would help meet the ideal design specifications of the organization. From these assessments, you define domains, define the forest root domain, and define a domain hierarchy. Then you assess domain naming needs and choose names for each domain in the organization. Finally, you plan DNS server deployment by assessing the organization's current DNS server environment and determining the placement of DNS servers. To determine the placement of DNS servers, you plan additional zones, determine the existing DNS services employed on DNS servers, and determine the zone replication method to use. The end result of a domain plan is a domain hierarchy diagram that includes domain names and planned zones.

Stage Three—Creating an Organizational Unit Plan

During this stage, you consult your business and technical analysis documents and assess the organizational unit (OU), user, and group structure your organization requires. You also assess any changes currently planned to address growth and flexibility needs and changes that would help meet the ideal design specifications of the organization. From these assessments you define an OU structure and then plan user accounts and groups. The end result of an OU plan is a diagram of OU structures for each domain, a list of users in each OU, and a list of groups in each domain.

Stage Four—Creating a Site Topology Plan

During the final phase of the design process, you consult your business and technical analysis documents and assess the site topology your organization requires. You also assess any changes currently planned to address growth and flexibility needs and changes that would help meet the ideal design specifications of the organization. From these assessments, you design a logical representation of an organization's physical network. Creating a site topology plan includes defining sites, placing domain controllers, defining a replication strategy, and placing global catalog servers and operations masters within a forest. The end result of a site topology plan is a site diagram that includes domain controllers, operations masters roles, site links, and a site link table that provides details about site link configurations. Depending on the needs of the organization, a site topology plan may also include a site link bridge table and a preferred bridgehead server table.

Design Guiding Principles

As you design your Active Directory infrastructure, you should keep the following design guiding principles in mind:

  • Design for simplicity. Simple infrastructures are easier to explain, maintain, and debug. However, more complex structures can add value that cannot be attained through simpler designs. Your design team must be prepared to analyze the effects of added complexity to determine whether such a structure is justified.
  • Design to accommodate change. Change will affect your organization. Your design team should consider how changes can affect your Active Directory infrastructure and plan a design that can accommodate them.
  • Design to meet ideal design specifications. Construct the first pass of your design to meet your organization's ideal infrastructure design specifications. Your design team can then consider the cost of such a design and whether it is feasible. The design can then be refined to meet the resources allocated.
  • Consider alternatives. Create more than one design. Your design team can compare designs and combine ideas into a new design that best meets your organization's needs.

MORE INFO

Read the white paper "Windows 2000: Designing and Deploying Active Directory Service for the Microsoft Internal Corpnet," for a discussion of the internal design and deployment activities associated with the successful upgrade of the Microsoft enterprise network to Windows 2000. You can find the white paper on the Supplemental Course Materials CD-ROM (\chapt02\Corpnet). You may want to refer to this document as you study each stage of the Active Directory infrastructure design process.

Lesson Summary

In this lesson you learned that an Active Directory infrastructure design is a plan that represents your organization's network infrastructure. This plan is used to determine how you will configure Active Directory. You learned that the purpose of creating an Active Directory infrastructure design before actually implementing Active Directory is to test and refine your infrastructure in an off-network environment, eliminating the need to spend time and money reworking your actual network infrastructure.

You also learned that to develop an effective Active Directory infrastructure design, you must assemble a design team, business and technical environment analyses, and a test environment. You walked through the four stages of the design process: creating a forest plan, creating a domain plan, creating an organizational unit plan, and creating a site topology plan. Finally, you were introduced to the design guiding principles.


Previous page
Table of content
Next page
MCSE Training Kit Exam 70-219(c) Designing a Microsoft Windows 2000 Directory Services Infrastructure
MCSE Designing a Microsoft Windows 2000 Directory Services Infrastructure Readiness Review; Exam 70-219 (Pro-Certification)
ISBN: 0735613648
EAN: 2147483647
Year: 2001
Pages: 76
Authors: MeasureUp Inc., Jill Spealman
BUY ON AMAZON
Interprocess Communications in Linux: The Nooks and Crannies
Qshell for iSeries
Inside Network Security Assessment: Guarding Your IT Infrastructure
PMP Practice Questions Exam Cram 2
Oracle SQL*Plus: The Definitive Guide (Definitive Guides)
Telecommunications Essentials, Second Edition: The Complete Global Source (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy