Export (0) Print
Expand All

Reviewing the Domain Models

Updated: March 28, 2003

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

The following factors impact the domain design model that you select:

  • The amount of available capacity on your network that you are willing to allocate to Active Directory. The goal is to select a model that provides efficient replication of information with minimal impact on available network bandwidth.

  • The number of users in your organization. If your organization includes a large number of users, deploying more than one domain enables you to partition your data and gives you more control over the amount of replication traffic that will pass through a given network connection. This makes it possible for you to control where data is replicated and reduce the load created by replication traffic on slow links in your network.

The simplest domain design is a single domain. In a single domain design, all information is replicated to all of the domain controllers. If necessary, however, you can deploy additional regional domains. This might come about if portions of the network infrastructure are connected by slow links and the forest owner wants to be sure that replication traffic does not exceed the capacity that has been allocated to Active Directory.

It is best to minimize the number of domains that you deploy in your forest. This reduces the overall complexity of the deployment and, as a result, reduces total cost of ownership. Table 2.3 lists the administrative costs associated with adding regional domains.

Table 2.3   Administrative Costs Associated With Adding Regional Domains to a Forest


Cost Implications

Management of multiple Service Administrator groups

Each domain has its own service administrator groups that need to be managed independently. The membership of these service administrator groups must be carefully controlled.

Maintaining consistency among Group Policies that are common to multiple domains

Group Policy settings that need to be applied forest-wide must be applied separately to each individual domain in the forest.

Maintaining consistency among access control and auditing settings that are common to multiple domains

Access control and auditing settings that need to be applied forest-wide must be applied separately to each individual domain in the forest.

Increased likelihood of objects moving between domains

The greater the number of domains, the greater the likelihood that users will need to move from one domain to another. This migration can potentially impact end users.

Community Additions

© 2016 Microsoft