Determining Business Needs | MCSE Windows 2000 Active Directory Services Design Exam Cram 2 (Exam Cram 70-219)

As you've probably already noticed, assessing the needs of the business is crucial in all aspects of designing an Active Directory infrastructure. The needs of the business should also be the first thing considered when designing a domain. The domain design created by the design team should reflect the current structure of the business. When assessing the business, you need to detail the administrative requirements as well as the security requirements because both of these requirements will have a major impact on the domain and OU structure planned for the business.

Administrative and Security Requirements

When designing a domain, the first thing that should be documented (or reviewed if it has already been determined) is the administrative strategy the business has implemented. The type of administrative structure a business has in place determines the creation and organization of domains in the Active Directory. You must determine whether the business has implemented a centralized or decentralized strategy for administration. Knowing how the administrative tasks are distributed throughout the business helps you determine the model for administration that will best meet the needs of the business. The administration model implemented should allow the business to distribute administrative tasks in a way that meets its administrative requirements. The administration model also determines the organization of domains and OUs in the Active Directory hierarchy.

If you recall from Chapter 5, "Designing Active Directory for Delegation," the four models for administration that can be implemented are geographical (location), organizational (business unit), functional (role), and hybrid models. Table 7.1 summarizes the characteristics of each model (refer to Chapter 5 for a more in-depth review).

Table 7.1. Characteristics of Administration Models

Model	Characteristics
Geographical (location)	The Active Directory structure is organized around the different geographical locations in a business.
Organizational (business unit)	The organization of the Active Directory structure is based on the different departments or business units in a business.
Functional (role)	The organization of the Active Directory structure is based on the different job roles in a business.
Hybrid	This type of model implements a combination of the preceding models. Two common hybrids are "location then organization" and "organization then location."

After you've determined the administrative requirements of the business, the security requirements must be assessed (security in a business is usually crucial, so be sure the assessment is thorough). When assessing the security requirements, determine who is responsible for administration in the business (delegation of authority). Documenting this information ensures that the proper individuals are assigned the proper permissions. Use the following questions as a guide when performing the assessment:

Who in the business requires administrative privileges?
What are they responsible for?
What type of administrative privileges do they require to do their jobs?
What is the scope of their responsibilities?
Will their privileges apply at the site, domain, or OU level?

After the administrative and security requirements of the business have been determined, you should have a good understanding of the domain structure that will best meet the business's needs. Your next step is to plan the creation of the first domain in the Active Directory structure.