Active Directory design is an enormous task. The technology has more capabilities and is therefore much more complex than any other networking technology available today. Because of this, many organizations are late deploying AD into their production environment.

The goal of this guide is to facilitate the design process for those DOE sites that are currently engaged in designing their Active Directory network. This guide is based on personal experience and a two-year design process that included planning, meetings, documentation, and training. This information has the potential to cut the design time by 50% and produce more tangible results than using the Microsoft design process alone.

This guide provides a general tutorial of Active Directory concepts as well as highlights some of the pitfalls, issues, and misinformation to be aware of when designing Active Directory for a site. Additionally, this guide demonstrates three common Active Directory designs and design tradeoffs by presenting a pragmatic scenario. To accomplish this, it is broken into 3 parts. Part I is comprised of an overview of Active Directory. Specifically, Section 3 outlines an Active Directory Tutorial and Section 4 describes the Microsoft Design process. Section 5 describes how to scope an AD Design. Part I provides the basis for understanding the design scenarios illustrated in Part II and best practices described in Part III.

Download pdf A Guide to Microsoft Active Directory (AD) Design