I think Rick has hit the main points. From my POV, the most important issue is being able to constrain replication if you use multiple domains. If you have a smallish environment and replication traffic is not going to be an issue, stick with a single domain, or at most an empty root with a single subdomain.
-gil -----Original Message----- From: Rick Kingslan [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 26, 2002 8:15 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Help..... Rich, Loaded question. I've got a few minutes before heading off to bed to do some reading, but I think you'll get more than enough response to get a full view. A few benefits (I suggest someone fill in some of the drawbacks, too) 1. Separation of Schema and Enterprise administrator from rest of domain structure, providing some degree of protection for key and sensitive entities from the 'work' domains. 2. Use of a root domain provides for easy expansion and acquisition by adding a domain below the root. 3. Provide for replication boundary of domain related data, thereby reducing unnecessary traffic because domains do not replicate to each other. 4. Create a separation of function or security based on password, account lockout properties. (Do not in any way confuse a domain in Windows 2000 to a domain in Windows NT 4.0. Transitive trusts are automatically created between domains in a forest. A forest is more synonomous to a Windows NT 4.0 domain when viewed from a autonomous security context) Hope this helps - and gets the discussion going.... Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 "Any sufficiently advanced technology is indistinguishable from magic." --- Arthur C. Clarke > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of > Johnson, Richard (NY Int) > Sent: Thursday, September 26, 2002 10:01 PM > To: '[EMAIL PROTECTED]' > Subject: [ActiveDir] Help..... > > > Can someone outline the benefits of having a single forest > with multiple domains as opposed to a single domain. > > > Thanks, > > > Rich > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
