Results 1 to 4 of 4
  1. #1
    New Lounger
    Join Date
    May 2015
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Designing of Active Directory

    Hello,

    I want to design a DOMAIN and having multiple office across world.

    Main HQ is India, braches in Singapore, China, US, UK.

    How to Design & Implement AD in HQ, and how do they login in their countries, and in those offices how to setup servers?


    Thanks,

    Anil Kumar.

  2. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,191
    Thanks
    48
    Thanked 984 Times in 914 Posts
    Anil, this is not a topic for a forum like this. The answer is long and complex and people are paid a lot of money to design AD for that very reason. What we can do is give you some pointers which will guide your choices.

    1. You need a forest to achieve your multi office arrangement. This allows local offices to work unaffected if there are problems with the inter office links.
    2. Do not use the company's public internet space as the AD domain, e.g. www.bigcompany.com. Use something like ad.bigcompany.com and do not list that in a public DNS.
    3. You need to decide what you want to share between offices and whether you want to use standard file shares or something like Sharepoint.
    4. Set up the root of the forest first, then create the regions, e.g. singapore.ad.bigcompany.com.

    I'm sure you'll have more questions, add than as they arise.

    cheers, Paul

  3. #3
    New Lounger
    Join Date
    May 2015
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Dear Paul,

    Thanks for reply.

    Now a days Cloud infrastructure is expanding, we can use single domain SSO integrated with AD Federation Services.

    But, I have a doubt in olden days how this was done for example I have Exchange 2003 in India, and a forest company.com and this is using self hosting like DMZ servers with firewalls internal network and public network. Assume that public hosting company.com and private AD company.com is same.

    And a user is joined in Singapore office and created user in Singapore domain and the same will automatically reflect into Exchange 2003 server in India and automatically user addition into Singapore part AD in India AD. This much Idea I have, could you give me the complete picture of this design.

    Thanks

    Anil Kumar.




    Quote Originally Posted by Paul T View Post
    Anil, this is not a topic for a forum like this. The answer is long and complex and people are paid a lot of money to design AD for that very reason. What we can do is give you some pointers which will guide your choices.

    1. You need a forest to achieve your multi office arrangement. This allows local offices to work unaffected if there are problems with the inter office links.
    2. Do not use the company's public internet space as the AD domain, e.g. www.bigcompany.com. Use something like ad.bigcompany.com and do not list that in a public DNS.
    3. You need to decide what you want to share between offices and whether you want to use standard file shares or something like Sharepoint.
    4. Set up the root of the forest first, then create the regions, e.g. singapore.ad.bigcompany.com.

    I'm sure you'll have more questions, add than as they arise.

    cheers, Paul

  4. #4
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,191
    Thanks
    48
    Thanked 984 Times in 914 Posts
    The AD forest will allow you to login to any branch as long as you specify the branch where your login exists, e.g. user name = singapore/username.

    Exchange should have a distributed system where users are automatically created on the local Exchange server and AD replicates the information to the other Exchange servers. There will be a central mail hub (usually two or three in different offices) which accepts incoming mail and forwards it to the appropriate server. Outgoing mail is usually handled by the local Exchange server to reduce inter office traffic.

    cheers, Paul

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •