Windows Server 2000/2003 Thread, School network in Technical; We still run separate student and staff domains, which I inherited. The staff domain is a child of the student ...
4th April 2012, 09:37 AM #16
We still run separate student and staff domains, which I inherited. The staff domain is a child of the student one, I have worked on adding more trusts into the mix to the point where there is very little boundary between them - the only difference really is the choice made in the dropdown box on XP (or the default domain selection for 7). All management of the staff domain is via the student DCs, never need to use the staff ones. There's not a huge amount of point in it being like this now, but it works fine (though it obviously requires more DCs) and if it works, I'm not going to fix it. With noises being made about centralised AD for the LEA, I'll just leave it as is until that comes.
17th April 2012, 02:52 AM #17
I see a lot of good responses. But I need to point out one thing. Windows server 2008 R2 and windows 7. This requires extra planning and research by what i know it can not be a straight walk in the park because some software might not work or configration setting been deprcated or update compared on how you use to do things.
20th April 2012, 12:59 PM #18
- Rep Power
I am still giving this a lot of thought and there are massive configuration issues on our network. Most of them are GPO related so ideally need re-doing.
Our two child domains can see each other anyway for some reason so the only thing protecting important files is folder permissions and user permissions.
With that in mind the only thing being kept separate is user accounts, computers, servers and associated group policies.
Would it not be a fairly easy process to use ADMT to migrate computers and users into the top level parent domain and then re-configure the servers depending on whether they are DC's or member server's into the top level also.
There are no DNS servers, DHCP or anything additional running on any of our child domains so they are looking at the top level anyway.
Right now although there are two child domains I don't believe there is real separation there.
The academic domain has 2 DC's handling logons and 1 file server for student work, the admin domain has 2 DC's for handling logons and 1 file server for staff work. The parent domain has 2 DC's, print servers, DNS servers and DHCP servers.
Surely moving academic users and computers and admin users and computers to the top. Re-create the GPOs for the relevant containers and re-check user and folder permissions to ensure they point to the correct domain? would be sufficient?
Or am I missing the point here? Never worked with two separate domains before so it's pretty confusing but I can't see any major configuration jobs here to merge into one.
By ryan_powell in forum Wireless Networks
Last Post: 6th February 2008, 08:46 AM
By standunstan in forum ICT KS3 SATS Tests
Last Post: 28th March 2007, 08:59 AM
Last Post: 10th November 2006, 08:03 PM
By Dos_Box in forum General Chat
Last Post: 5th July 2005, 11:36 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)