About complex network architecture design and its term



Hi all,

I have a few questions that have been puzzling me for a few weeks; I hope someone can guide me through the scenario below:

Background:

Enterprise terminal clients (PC/laptop) most likely will classify into Active Directory/Cluster/Domain, and they use site-to-site VPN connection many times, this would be easier to take care of. The overall network architecture is as below:

Center -> Local Branch AD/Cluster/Domain, joined by local system with different department object unit (OU) in the domain -> these users/clients will need to be granted access to specific domains in the entire AD because they are categorized into different departments/teams/groups.

-> Different regions may have many AD/Cluster/Domain; they sometimes have a trusted bridge connection or site-to-site VPN connection in order to speed up certain processes that need time to travel all the way back to Center

Case 1:

If one of the client system is transferring from one outlet / branch to the other one, would it be fine if this client system removed from the old domain/AD? Would that impact the entire network structure?

Case 2:

If one of the servers has a site-to-site VPN connection / trusted bridge connection to another branch, and eventually they decide to break up the two, what is/are the impact and would this affect the connectivity from Center to both these branches (in terms of server connection). How or what should have done to avoid this?

Queries:

My understanding is in AD, there are many different type of domains that served different purpose. And every single system/server is consider as object unit (OU) and they would join to either one of the domain in the AD in order to share data.

If the enterprise is big enough, and the server/major system will break into Cluster.

-> What is/are the differences of Active Directory and Domain?

-> There is a domain controller and how can this affect the entire network structure?

Thank you all.

Regards,

A Domain is a group of computing systems or services on a network based on DNS that are most likely to be under single Administrative Control. Here, Computing Systems may include any computer that the organization has, and Computing Services may represent any network service that is made available with the support of DNS.

Microsoft Active Directory is a repository (think of it as a database) of AD objects (resources and security principals) stored or managed in a hierarchical structure (like a tree structure). AD objects can be organized and managed in AD with the help of Sites, Forests, Domains, and OUs.

I will add more as I get time.

Wow I hope you aren't charging people for your time. I don't know where to begin with what's wrong with that.

I'll have a go anyway as much as I can be bothered . . .

If one of the client system is transferring from one outlet / branch to the other one, would it be fine if this client system removed from the old domain/AD? Would that impact the entire network structure?

How or what should have done to avoid this?

Intersite replication perhaps? A basic of AD. Read up on what a domain is first and not domain name. You really need to understand the basics.

There is a domain controller and how can this affect the entire network structure?

Expand please. It won't affect your "Network Infrastructure". It would affect your domain infrastructure A LOT.

My understanding is in AD, there are many different type of domains that served different purpose. And every single system/server is consider as object unit (OU) and they would join to either one of the domain in the AD in order to share data.

If the enterprise is big enough, and the server/major system will break into Cluster.

Again NO! It doesn't break into cluster automatically. Again I think you need to read up on Windows clustering. And no, that's not what an OU is.

You have a lot to understand about Active Directory and Domains.

Where did you get this from??

"Enterprise terminal clients (PC/laptop) most likely will classify into Active Directory/Cluster/Domain"

Is this something you wrote?? Or is it out of some book?? To be honest it's pretty much gibberish..

"Local Branch AD/Cluster/Domain, joined by local system with different department object unit (OU) in the domain"

Again --- Where did this come from.. It's gibberish as well.

"Case 1:

If one of the client system is transferring from one outlet / branch to the other one, would it be fine if this client system removed from the old domain/AD? Would that impact the entire network structure?"

How I'm reading this. Can you move a client system (Member PC) from one Active Directory domain to another.. Yes this is not a problem, never was, never will be.. What impact would it have on the network structure??? Um that would be ZERO, a client means nothing -- there can be hundreds to thousands of them, they have nothing to do with the network structure at all. Worst case is if there were other clients that need to talk to this client. But as far as AD goes clients (Member PCs) have nothing to do with anything.

Case 2?? Have no idea what you're talking about.. Sure you can have location to location network connections.. But without understanding your overall connection topology it's impossible to say what impact if any it would have.. You have not laid out any sort of topology for network connectivity between locations, nor any sort of AD Hierarchy. Are these locations part of the same forest? Are there trusts between forests or domains? Are they child domains, etc.

"there are many different type of domains that served different purpose"

Serve different purposes?? I believe you're talking about a Forest, or domain or a child domain - as to serving different purposes??? Not sure what you're asking??

"If the enterprise is big enough, and the server/major system will break into Cluster"

Again at a loss to understand what you're wanting to ask even? Yes if the need is there then you might want to cluster servers to provide for High Availability.. But this really has nothing to directly do with Active Directory. Clustering is a way to provide for fail over or load balancing.

"-> What is/are the differences of Active Directory and Domain?"

Again are you confusing the term domain as used within Active Directory with general DNS (Domain Naming System) as used on the internet, for example neowin.net is a domain?

A domain in Active Directory refers to all objects in a common database, now you never even mention Trees which would be either a single domain, or domain and its children -- i.e. all domains that fall under the same namespace. And you also make no mention of Forests which would be made up of trees and represent the security boundary of an Active Directory.

As to how a Domain Controller affects network structure?? Again not sure what you're asking.. Network structure is outside the hierarchy of an AD structure. Yes normally you would design your Active Directory around your current network structure. For placement of DCs and breakup of sites, etc. But your AD structure does not dictate your network structure -- but network structure might dictate placement of your DCs.
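Added example, not part of any post in this thread: a small Python model of the domain / tree / forest terms used above, applied to Case 2 under the assumption that Center and both branches sit in one forest and the "trusted bridge" is a shortcut trust between the two branch domains. All domain names are constructed placeholders.

```python
from collections import deque

# Constructed sample forest (hypothetical names, not taken from the thread).
DOMAINS = ["corp.example", "east.corp.example", "west.corp.example", "branch.example"]
FOREST_ROOT = "corp.example"          # plays the role of "Center"
SHORTCUT_TRUSTS = [("east.corp.example", "west.corp.example")]


def parent_of(domain, domains):
    """Closest ancestor by DNS suffix, or None if the domain is a tree root."""
    candidates = [d for d in domains if d != domain and domain.endswith("." + d)]
    return max(candidates, key=len) if candidates else None


def trees(domains):
    """Group domains into trees: a root plus every domain under its namespace."""
    grouped = {}
    for d in domains:
        root = d
        while parent_of(root, domains):
            root = parent_of(root, domains)
        grouped.setdefault(root, []).append(d)
    return grouped


def trust_edges(domains, forest_root, shortcuts):
    """Automatic two-way transitive trusts (parent-child and tree-root)
    plus manually created shortcut trusts."""
    edges = set()
    for d in domains:
        p = parent_of(d, domains)
        if p:
            edges.add(frozenset((d, p)))            # parent-child trust
        elif d != forest_root:
            edges.add(frozenset((d, forest_root)))  # tree-root trust
    edges.update(frozenset(s) for s in shortcuts)
    return edges


def trust_path(src, dst, edges):
    """Shortest chain of trusts from src to dst, or None if there is none."""
    queue, seen = deque([[src]]), {src}
    while queue:
        path = queue.popleft()
        if path[-1] == dst:
            return path
        for edge in edges:
            if path[-1] in edge:
                (nxt,) = edge - {path[-1]}
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(path + [nxt])
    return None
```

In this model, dropping the shortcut lengthens the east-to-west path so it runs through the forest root, while the path from the root to each branch is unchanged; a different topology (separate forests, external trusts) would need different edges.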

It's not always about what the OP understands, but who else might read the thread and pick up some info, etc. ;)

Exactly! I love reading over various networking threads, especially those you have commented on. Not sure if I'll ever be a system admin, but I'm studying management information systems right now so I'm familiar (not an expert) in most of the information being discussed. With this topic, I definitely learned more about AD's. :p

:blush:

Thanks Budman and yes, sorry to say, basic network knowledge is fine for me, but to be honest, those are kinda unknown to me. Sincerely thanks for your precious time replying with comprehensive points and questions that make me think and learn more.

I will try to sort all the questions that were put back to me one by one with my friend ~ Google. Thanks, hope the next time I come here again with different level of network knowledge :)
