Archive

Archive for October, 2011

Achieved My Enterprise Administrator Title

October 25, 2011 Leave a comment

Just a simple post to let you all know, that I’m now certified as an Enterprise Administrator (MCITP: Enterprise Administrator).

I earned my title the October 14, 2011.

MCITP: Enterprise Administrator Certification

MCITP: Enterprise Administrator Certification

Categories: Uncategorized

AD DS Forest Models

October 7, 2011 Leave a comment

Continuing on the theory concept – let’s take a look at another kind of models regarding the AD DS design; Forest Models.

The following text and images are all copied from the Microsoft 70-647 2nd Edition Training Kit.

Organizational Forest Model

In the organizational forest model, user accounts and resources exist in the same forest and are managed separately. The organizational forest model is used to provide service autonomy, service isolation, or data isolation.

Use the organizational forest model when you need to provide exclusive or inclusive control of the AD DS infrastructure or when you need to prevent administrators from controlling or viewing a subset of data in the directory or on member computers joined to the directory.

The figure below illustrates the organizational forest model.

Organizational Forest Model

Resource Forest Model

In the resource forest model, a separate forest is used to manage resources. Resource forests do not contain user accounts other than those required for services. Forest trusts are established so that users from other forests can access the resources contained in the resource forest. Resource forests, illustrated in the figure below, provide service isolation.

Use the resource forest model when you need to provide exclusive control of the AD DS infrastructure.

Resource Forest Model

Restricted Access Forest Model

In the restricted access forest model, illustrated in the figure below, a separate forest is created to contain user accounts and data that must be isolated from the rest of the organization. Restricted access forests provide data isolation.

Use the restricted access forest model when you need to prevent administrators from controlling or viewing a subset of data in the directory or on member computers joined to the directory.

Restricted Forest Model

Categories: Active Directory