#116485 - 2004-03-22 11:21 AM
OT AD sub-tree/node/domain without access to root?
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
Sorry about the vagueness of the topic, I couldn't think how to word it and at the moment I'm pretty clueless about Active Directory except in very broad concepts 
We are currently an entirely NT4 domain based shop. Before the end of the year we will have started the migration to AD, probably Windows 2003 based.
I have a remote site in another country which needs to rebuild their server, and wants to rebuild as AD to get the benefits now rather than wait a year when we will be ready to integrate them.
Seems reasonable enough to me with the proviso that they will need to provide all the support themselves until we get AD skills up to speed here.
The problem is that their domain will be a sub-domain of the corporate domain.
The question at last - is it possible for them to configure AD locally as part of the corporate structure even though they do not have access to the root? If so, how much buggeration will be caused when they join and (presumably) mandatory settings are inherited?
Hopefully that made some kind of sense - any pointers to relevant white papers gratefully received.
|
|
Top
|
|
|
|
|
#116487 - 2004-03-22 01:11 PM
Re: OT AD sub-tree/node/domain without access to root?
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
AD in W2K is strictly a top affair that needs to be well thought out. I would advise against letting someone deploy their own prior to the proper Forest ROOT being established by corporate. Windows 2003 is suppose to have prune and graft capabilities (which I have not see) but I have not yet read you can change the Forest Root.
Definately need to run that past M$ to see if they will be providing you a method of having such a domain become a child of your new Forest.
|
|
Top
|
|
|
|
|
#116491 - 2004-03-25 03:50 PM
Re: OT AD sub-tree/node/domain without access to root?
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
Quote:
Why do you need more than one domain
Hmm. Well I may not - I started by saying I know little about AD 
The corporate structure is immensely complicated and very large - we are actually completley different companies with individual personalities.
This is further complicated by the fact that the inter-country links are not particularly large, so replication has to be kept down to a minimum.
To make life even more complicated my organisation fits into the middle level of this tree - we have a corporate head office "above" us (who are Win2K AD), we are NT 4.0 and the country in question will come "under" us in terms of responsibility.
Even starting to think about it is giving me a headache.
I think I'll ask them to hold off - it sounds like the corporate head office will need to get a much more detailed structure in place first.
|
|
Top
|
|
|
|
Moderator: Arend_, Allen, Jochen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Mart
|
0 registered
and 640 anonymous users online.
|
|
|
)
