# windows # active-directory

    Optimal Active Directory Structure

    I present to your attention the optimal structure of Active Directory, which is used by many large companies. Sometimes the number of employees around the world in such companies reaches 10,000 people. Naturally, such large companies use a domain tree divided into countries or continents.

    For example:

    • Root domain - heyvaldemar.net
    • Child domain - canada.heyvaldemar.net and ireland.heyvaldemar.net

    Moreover, the structure of each domain in the tree is the same.

    Optimal Active Directory Structure

    The domain structure is divided into cities:

    • Toronto - City of Toronto

    Cities are divided into organizational units by objects:

    • Groups - groups
    • Servers - servers
    • Service - accounts to run services
    • Users - user accounts
    • Workstations - workstations

    Groups are divided into organizational units according to the scope of the groups:

    • Local - local groups in the domain
    • Global - global groups
    • Universal - universal groups
    • Distribution - distribution groups

    Servers are divided into organizational units by service:

    • Disabled - disabled and decommissioned servers
    • Exchange - servers on which Exchange Server is deployed
    • File - servers with shared and confidential network resources
    • Normal - member servers that do not require separation by services
    • Print - servers with shared printers

    And so on, depending on the need to separate the servers by services.

    Service accounts are divided into organizational units by role:

    • Disabled - disabled service accounts
    • Normal - ordinary service accounts

    Users are divided into organizational units by role:

    • Admins - accounts with extended rights
    • Disabled - disabled user accounts
    • External - accounts for contractors and other freelancers
    • Normal - ordinary users who do not require separation by roles

    And so on, depending on the need to divide users by roles.

    Workstations are divided into organizational units based on user roles:

    • Admins - workstations that use accounts with extended rights
    • Disabled - disabled and decommissioned workstations
    • Normal - ordinary workstations that do not require separation by user roles

    Refill the Author’s Coffee Supplies

    πŸ’– PayPal
    πŸ† Patreon
    πŸ’Ž GitHub
    πŸ₯€ BuyMeaCoffee
    πŸͺ Ko-fi

    Author

    Vladimir Mikhalev
    I’m Vladimir Mikhalev, the Docker Captain, but my friends can call me Valdemar.

    Recent Posts

    1
    Snyk Unleashed – Unraveling the Future of Code Security
    2
    Install Home Assistant Using Docker Compose
    3
    Install Vaultwarden Using Docker Compose

    DevOps Community

    hey πŸ‘‹ If you have questions about installation or configuration, then ask me and members of our community:


    Videos & Streams