M
Mathieu
Hi,
From you, specialist in domain structure, I ask some advise about domain
structure and AD in a school.
When I installed the first servers in the school, in NT4, I installed 2
domains.
The first domain for the pupils and theaching purposes, named DOM-L. For
safety reasons, I installed a second domain named DOM-A for administration
purposes. Teachers and pupils could not access DOM-A. There where two
domaincontrollers for the domains. One for each domain.
A third NT4-server is installed as a proxy-server, used by the two domains
to access internet (ADSL-fixed IP).
Two years ago I upgraded the teachers and pupils domain, called DOM-L to
Windows2000 server. All the clients now are minimum Windows2000. I installed
AD whit OU for each group of pupils. I installed policys, first to heavy,
later more flexible with more possibility's so they could change
desktopsettings etc.
Now, I want to upgrade the second NT4 domain, DOM-A to Windows2000 or
Windows2003. So the administration wil be upgradet.
I first wanted to keep the structure with 2 domains. But reading about
W2k3server, I maybe can add the users to the AD as an OU in the first Win2K
domain and secure the maps from the domain with usergroups. Also AD
restricts users to theiu own maps.
The administration members get the rights on Administration maps
(schooladministration, not server administrator).
Is it safe to work with one domain.
I also want to remove the proxy-server while the ADSL is fast enough to serv
the internet pages.
Then I have one free server, wich can hold the replication for AD, and the
second free server can hold a firewall.
Please, your advise
Thanks,
Mathieu
From you, specialist in domain structure, I ask some advise about domain
structure and AD in a school.
When I installed the first servers in the school, in NT4, I installed 2
domains.
The first domain for the pupils and theaching purposes, named DOM-L. For
safety reasons, I installed a second domain named DOM-A for administration
purposes. Teachers and pupils could not access DOM-A. There where two
domaincontrollers for the domains. One for each domain.
A third NT4-server is installed as a proxy-server, used by the two domains
to access internet (ADSL-fixed IP).
Two years ago I upgraded the teachers and pupils domain, called DOM-L to
Windows2000 server. All the clients now are minimum Windows2000. I installed
AD whit OU for each group of pupils. I installed policys, first to heavy,
later more flexible with more possibility's so they could change
desktopsettings etc.
Now, I want to upgrade the second NT4 domain, DOM-A to Windows2000 or
Windows2003. So the administration wil be upgradet.
I first wanted to keep the structure with 2 domains. But reading about
W2k3server, I maybe can add the users to the AD as an OU in the first Win2K
domain and secure the maps from the domain with usergroups. Also AD
restricts users to theiu own maps.
The administration members get the rights on Administration maps
(schooladministration, not server administrator).
Is it safe to work with one domain.
I also want to remove the proxy-server while the ADSL is fast enough to serv
the internet pages.
Then I have one free server, wich can hold the replication for AD, and the
second free server can hold a firewall.
Please, your advise
Thanks,
Mathieu