+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 18 of 18
Windows Server 2000/2003 Thread, School network in Technical; We still run separate student and staff domains, which I inherited. The staff domain is a child of the student ...
  1. #16

    3s-gtech's Avatar
    Join Date
    Mar 2009
    Location
    Wales
    Posts
    2,824
    Thank Post
    146
    Thanked 572 Times in 516 Posts
    Rep Power
    154
    We still run separate student and staff domains, which I inherited. The staff domain is a child of the student one, I have worked on adding more trusts into the mix to the point where there is very little boundary between them - the only difference really is the choice made in the dropdown box on XP (or the default domain selection for 7). All management of the staff domain is via the student DCs, never need to use the staff ones. There's not a huge amount of point in it being like this now, but it works fine (though it obviously requires more DCs) and if it works, I'm not going to fix it. With noises being made about centralised AD for the LEA, I'll just leave it as is until that comes.

  2. #17
    Patrickv's Avatar
    Join Date
    Jan 2012
    Location
    New Zealand
    Posts
    59
    Thank Post
    4
    Thanked 3 Times in 3 Posts
    Rep Power
    6
    I see a lot of good responses. But I need to point out one thing. Windows server 2008 R2 and windows 7. This requires extra planning and research by what i know it can not be a straight walk in the park because some software might not work or configration setting been deprcated or update compared on how you use to do things.

  3. #18

    Join Date
    Apr 2012
    Location
    Cheshire
    Posts
    126
    Thank Post
    4
    Thanked 1 Time in 1 Post
    Rep Power
    0
    I am still giving this a lot of thought and there are massive configuration issues on our network. Most of them are GPO related so ideally need re-doing.

    Our two child domains can see each other anyway for some reason so the only thing protecting important files is folder permissions and user permissions.

    With that in mind the only thing being kept separate is user accounts, computers, servers and associated group policies.

    Would it not be a fairly easy process to use ADMT to migrate computers and users into the top level parent domain and then re-configure the servers depending on whether they are DC's or member server's into the top level also.

    There are no DNS servers, DHCP or anything additional running on any of our child domains so they are looking at the top level anyway.

    Right now although there are two child domains I don't believe there is real separation there.

    The academic domain has 2 DC's handling logons and 1 file server for student work, the admin domain has 2 DC's for handling logons and 1 file server for staff work. The parent domain has 2 DC's, print servers, DNS servers and DHCP servers.

    Surely moving academic users and computers and admin users and computers to the top. Re-create the GPOs for the relevant containers and re-check user and folder permissions to ensure they point to the correct domain? would be sufficient?

    Or am I missing the point here? Never worked with two separate domains before so it's pretty confusing but I can't see any major configuration jobs here to merge into one.

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Merging 3 schools networks
    By ryan_powell in forum Wireless Networks
    Replies: 8
    Last Post: 6th February 2008, 08:46 AM
  2. Whole school network freezing
    By standunstan in forum ICT KS3 SATS Tests
    Replies: 15
    Last Post: 28th March 2007, 08:59 AM
  3. Shared areas on school networks
    By ranj in forum Windows
    Replies: 13
    Last Post: 10th November 2006, 08:03 PM
  4. School networks and aid to Africa. A comparison.
    By Dos_Box in forum General Chat
    Replies: 14
    Last Post: 5th July 2005, 11:36 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •