General Design Principles

  • Article

When working on your Active Directory plan, use the following design principles to guide your decision making:

Simplicity is the best investment.

Simple structures are easier to explain, easier to maintain, and easier to debug. Although some added complexity can add value, be sure to weigh the incremental added value against the potential maintenance costs in the future. For example, the maximum optimization of query and replication traffic might require a complex site topology. However, a complex site topology is harder to maintain than a simple site topology. Always evaluate the tradeoff between added capabilities and added complexity before deciding on a complex structure.

Everything that you create will require some maintenance over its lifetime. When you create a structure without well-defined reasons, it will end up costing you more in the long run than any value that it adds. Justify the existence of any structure you create.

Your business and your organization will always change.

The normal changes that occur within any organization, ranging from employee moves to enterprise-wide reorganizations or acquisitions, will affect your Active Directory structure. When designing your structure, consider how these potential changes will affect end-user and administrator interaction with the directory. For example, consider the impact that your last major business reorganization would have had on the structures you have designed. What changes would be necessary if you add a new location or branch office? Would the changes have required significant and expensive changes to the Active Directory structure? Make sure your design is general enough and flexible enough to accommodate constant and significant change.

Aim for the ideal design.

In your first design pass, design what you consider to be the ideal structure, even if it does not reflect your current domain or directory infrastructure. It is useful and practical to understand what would be ideal, even if it is not currently attainable. For more information about the costs involved in migrating your network to the ideal plan, see "Determining Domain Migration Strategies" in this book. Weigh those costs against the long-term savings of the ideal plan, and refine the design appropriately.

Explore design alternatives.

Make more than one pass at each design. The value of a design becomes more evident when you compare it to other design ideas. Combine the best of all designs into the plan that you will implement.