Determining the Type of IT Organization

To effectively delegate authority in Active Directory, the current structure of the IT organization in the business needs to be assessed. After the current structure is documented, the design team can work with the business to determine whether any areas need improvement or can be restructured for easier administration. This information assists in creating a delegation plan that meets the requirements of the business.

Centralized Versus Decentralized Management

When assessing how the IT organization in a business is structured, determine the model that is currently in place. Is the network administration centralized, or does the business allow for distributed administration (decentralized)? Determining this ensures that the needs of the IT organization are identified and reflected in the administrative model that is developed.

An organization can have decentralized management but have a centralized IT function, or vice versa. Do not assume that decentralized management means decentralized IT.

Centralized Management

This type of model is hierarchical in structure and is characterized by one individual who oversees all network development and administration and is the person to whom the IT organization reports . Some of the day-to-day administrative tasks might be assigned to select individuals or groups outside the IT organization, but most network administration remains centralized. The IT organization maintains decision-making authority as well as the responsibility of ensuring that all decisions are implemented throughout all levels in the business.

Figure 5.1 shows the hierarchical structure of this model. If the XYZ Corporation implemented this type of model, decision-making authority and most network administrative authority would be maintained in the upper level of the hierarchy.

A slight variation to this model exists, in which the IT organization is still centralized but day-to-day management is decentralized. The central IT organization is responsible for overseeing network development, and the IT groups in the various business units are responsible for the day-to-day administrative tasks.

For example, the XYZ Corporation might maintain a centralized IT organization that is responsible for overseeing network development and implementing standards throughout the business while decentralizing the day-to-day administrative tasks by assigning them to the IT groups in each unit (see Figure 5.2).

Decentralized Management

With decentralized management, one person or group does not hold all the decision-making and network administrative authority; in other words, no hierarchy or central IT organization oversees all network development. Each business unit maintains its own IT organization and implements its own IT model based on its needs. When it comes to technical issues affecting the entire organization, the IT groups from each of the business units would have to work together. For example, if a business were planning a rollout of Windows 2000, each of the IT groups from the various business units would need to be involved.

The type of IT management structure a business implements does not have a direct impact on the Active Directory structure. However, it is still crucial to characterize the current IT organization a business has implemented because this helps the design team determine the type of administrative model to use. The administrative model does, however, directly impact the organization of the various elements in the Active Directory structure.

Table 5.2 summarizes some of the advantages and disadvantages of each model.

Table 5.2. Each Model's Advantages and Disadvantages