Determining Your Active Directory Design Requirements

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

If your network environment is currently operating without a directory service, or if you need to modify your current Active Directory infrastructure, complete the design process for your Active Directory infrastructure. You must complete a comprehensive design of your Active Directory logical structure before you deploy Active Directory. Thoroughly preparing your Active Directory design is essential to a cost-effective deployment.

Logical Structure Design

Before you deploy Windows Server 2003 Active Directory, you must plan for and design the Active Directory logical structure for your environment. The Active Directory logical structure determines how your directory objects are organized, and provides an effective method for managing your network accounts and shared resources. When you design your Active Directory logical structure, you define a significant part of the network infrastructure of your organization.

To design the Active Directory logical structure, determine the number of forests that your organization requires, and then create designs for domains, DNS, and organizational units.

Site Topology Design

After you design the logical structure for your Active Directory infrastructure, you must design the site topology for your network. The site topology is a logical representation of your physical network. It contains information about the location of Active Directory sites, the Active Directory domain controllers within each site, and the site links that support Active Directory replication between sites.

Domain Controller Capacity Planning

To ensure efficient Active Directory performance, you must determine the appropriate number of domain controllers for each site and verify that they meet the hardware requirements for Windows Server 2003. Careful capacity planning for your domain controllers ensures that you do not underestimate hardware requirements, which can cause poor domain controller performance and application response time.

Advanced Active Directory Features

Functional levels in Windows Server 2003 Active Directory allow you to enable new features, such as improved group membership replication, deactivation and redefinition of attributes and classes in the schema, and forest trust relationships that require that all domain controllers within the participating domain or forest run Windows Server 2003. Part of the Active Directory design process involves identifying the domain and forest functional levels that your organization requires. To implement these Windows Server 2003 Active Directory features in your organization, you must first deploy Windows Server 2003 Active Directory and then raise the forest and domain to the appropriate functional level.