Active Directory Design and Administration

In my previous post titled “Update 2: MDT 2010 and Windows Server 2008 R2” I briefly mentioned how my interests in Windows deployment converged with my interests in Active Directory.

Active Directory has always featured prominently in my list of technologies I wanted to explore within my Lab environment. Specifically it’s designing an AD infrastructure and server-side administration that I’m interested in.

I’ve already started the process and made the decision to design my Active Directory domain from the ground up, using an educational setting as the environment to guide my design decisions. I’m thinking of it as a practical task – to design a domain environment and OU structure based on a given scenario. The scenario is in this case is a higher education environment.

I’ve been doing a lot of reading and research online on best practices and methods for designing an Active Directory infrastructure. Some of the design considerations that I’ve been looking into are:

  • Designing an OU structure
  • Delegating OU administration
  • Designing a Group Policy infrastructure

Once the design stage is complete and I’m happy with the OU structure I will move on to completing the network with user, computer and group objects and applying group policy settings to user and computer objects. I foresee spending a lot of my time with Group Policy and applying the policies to the user and computer objects. Computers in the domain will mostly be Virtual Machines in addition to both the test computers in my Lab. This will allow me to experiment with group policy settings for computers as well as users in the domain. Where possible I’ll be looking into using PowerShell to automate admin tasks as well.

As before I’ll be making notes on my progress as I go along which will be adapted into blog posts in due course. I can’t promise when that will be as I’ve still got a backlog of posts I need to write on MDT 2010/12. I need to get those out of the way first which will then leave me with plenty of time to spend in the Lab working on Active Directory.

PS. Wow. I must’ve mentioned the word “design” a hundred times there. Too much? :)

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s