Poll: One Domain or Two?!

Be advised that this is a public poll: other users can see the choice(s) you selected.

+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 42
Windows Thread, One Domain or Two? in Technical; We switched from one CC3 network and one vanila (with no gpo's!!) to one single network with 4 new servers ...
  1. #16
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,154
    Thank Post
    130
    Thanked 54 Times in 47 Posts
    Rep Power
    38

    Re: One Domain or Two?

    We switched from one CC3 network and one vanila (with no gpo's!!) to one single network with 4 new servers just over a year ago and it was the best thing we ever did!!! It makes our lives so much easier.

    @alonebfg- we have got 2 address ranges as well but when we migrated networks we bought an ISA server that only gives out one address to our LEA network and use 192.168 internally now and again this works well. Although i am having to set up a few machines with bypass' on the ISA server as we have got a new filtering system and it requires a specific address to unblock certain machines from more websites.

  2. #17

    Join Date
    Oct 2006
    Posts
    318
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: One Domain or Two?

    same with us two domains 1 for pupils and 1 for staff

  3. #18
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    30

    Re: One Domain or Two?

    Just going through the process of migrating to one domain and getting rid of VLANS altogether It makes sense because everyone uses the same email, file, proxy and print servers (plus I am being paid to manage 1 network and not 2) 8)

    We are using IPsec between our SIMS server and admin PC's (for those of us extremely paranoid about security) :twisted:

    Even though we're partway to migrating to one domain things are so much easier to manage. I would deffo recommend doing it if you can and there is a strong case for it.

  4. #19

    Join Date
    May 2007
    Location
    S.E. England
    Posts
    27
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: One Domain or Two?

    We have 2 seperate domains here as county advise this, because of the nature of SIMS and its data.
    When SIMS is on a domain you are restricted to what else you can run with it according to county, we are ok apparently with Office and a couple of other bits but thats about it.

    It makes life easier here to maintain 2 networks and I fail to see whats difficult with it. It also keeps the SIMS data completely away from pupils etc.

    Hope that helps.

  5. #20
    ChrisP's Avatar
    Join Date
    Apr 2007
    Location
    norfolk
    Posts
    150
    Thank Post
    4
    Thanked 8 Times in 8 Posts
    Rep Power
    17

    Re: One Domain or Two?

    3 domain here

  6. #21
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,154
    Thank Post
    130
    Thanked 54 Times in 47 Posts
    Rep Power
    38

    Re: One Domain or Two?

    Quote Originally Posted by ChrisP
    3 domain here
    3?? Admin, Curic and ???????

  7. #22
    ChrisP's Avatar
    Join Date
    Apr 2007
    Location
    norfolk
    Posts
    150
    Thank Post
    4
    Thanked 8 Times in 8 Posts
    Rep Power
    17

    Re: One Domain or Two?

    Quote Originally Posted by DSapseid
    Quote Originally Posted by ChrisP
    3 domain here
    3?? Admin, Curic and ???????
    We have a project based on-site that does mentoring for our school and 2 others (Community Paediatric SLT Team & Behaviour, Education and Support Team). It hosts top-secret data or at least they seem to think it does.

  8. #23

    Join Date
    Nov 2006
    Location
    Reading, UK
    Posts
    487
    Thank Post
    30
    Thanked 14 Times in 8 Posts
    Rep Power
    19

    Re: One Domain or Two?

    We've recently moved to a brand new site, the old site had two domains, one for curriculum and one for admin.

    The new site holds one domain for all, with the vast developments in security, as long as it's kept tight; there is no need for a second domain in my opinion.

  9. #24
    ChrisP's Avatar
    Join Date
    Apr 2007
    Location
    norfolk
    Posts
    150
    Thank Post
    4
    Thanked 8 Times in 8 Posts
    Rep Power
    17

    Re: One Domain or Two?

    Quote Originally Posted by plock
    We've recently moved to a brand new site, the old site had two domains, one for curriculum and one for admin.

    The new site holds one domain for all, with the vast developments in security, as long as it's kept tight; there is no need for a second domain in my opinion.

    And what if someone got the domain admin password for your curriculum domain?

  10. #25

    Join Date
    Nov 2006
    Location
    Reading, UK
    Posts
    487
    Thank Post
    30
    Thanked 14 Times in 8 Posts
    Rep Power
    19

    Re: One Domain or Two?

    Now that wouldn't be good! That's why I say "as long as it's kept tight"!

    The 'Domain Admin' password should be kept as secure as possible, also regular changes helps.

  11. #26

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,332
    Thank Post
    525
    Thanked 2,596 Times in 2,014 Posts
    Blog Entries
    24
    Rep Power
    888

    Re: One Domain or Two?

    Quote Originally Posted by ChrisP
    And what if someone got the domain admin password for your curriculum domain?
    You could say that for anything though - it just means you have to follow a good password policy and a good security policy. We have a single domain system and have never had a problem with people getting hold of admin passwords - there are only 2 people who know that password, and as such it is extremely unlikely that someone will get hold of it here.

    That's like saying 'what if someone got hold of the master key for the locks' - and that is more likely than getting an admin password.

  12. #27
    RobFuller's Avatar
    Join Date
    Feb 2007
    Location
    Chelmsford
    Posts
    316
    Thank Post
    83
    Thanked 39 Times in 29 Posts
    Rep Power
    22

    Re: One Domain or Two?

    Why not one Forest and then 2 sub domains if you’re really worried about security or someone else is more to that fact. Also 'if' a student etc does get one of the domain passwords it only affects that domain. Unless they get the Enterprise domain admin password!

    Just a though.

  13. #28
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,946
    Thank Post
    967
    Thanked 461 Times in 388 Posts
    Blog Entries
    12
    Rep Power
    94

    Re: One Domain or Two?

    No point in having 2 domains or networks any more, that was just done in the past for historical reasons that do not apply any more. Security and active directory technology have moved on.

    I moved 2 years ago to 1 domain and could not be happier. Far to many things overlapped to make it worth while.

  14. #29
    ChrisP's Avatar
    Join Date
    Apr 2007
    Location
    norfolk
    Posts
    150
    Thank Post
    4
    Thanked 8 Times in 8 Posts
    Rep Power
    17

    Re: One Domain or Two?

    Quote Originally Posted by ittech
    Security and active directory technology have moved on.
    In what way? Do you mean thet AD has MOVED ON from NT, OR has AD had a security revolution I did'nt get the newsletter for?

    Quote Originally Posted by ittech
    No point in having 2 domains or networks any more, that was just done in the past for historical reasons that do not apply any more.
    SORRY, I fail to see your logic. To say that you only require one domain seems quite naive to me. I agree that with good administration a domain can be locked down tightly, however two words echo in my geek bones… ‘Security Realms’.

    As a MCSE who has bothered to take the 4 hour AD Design exam I can tell you that one domain is not the 'preached' way, I am certainly not a MS fanboy, and what you learn for MS Exams are throwaway knowledge BUT the reality of security realms are not.

    Quote Originally Posted by ittech
    I moved 2 years ago to 1 domain and could not be happier. Far to many things overlapped to make it worth while
    Being challenged for authentication only gives me a warm fuzzy feeling Scripts do the rest.

    TBH managing three domains causes me no problems at all. I defiantly would not consider amalgamating them to one domain..


    I truly do appreciate any opinions that others have, there are many paths to the same goal.

    Thanks, Chris !!

  15. #30

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,157
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124

    Re: One Domain or Two?

    The trouble with some of the MCSE stuff is that it assumes you're running a world wide network with tens or hundreds of thousands of users (and the staff to support it!) It's not necessarily the best setup for a small organisation.

    Having said that, we do have 3 domains (staff, student and a resource domain "in the middle" - this is currently only used for photocopiers but we will move other resources onto it soon)



SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. WOL Whole Domain
    By RobFuller in forum Windows
    Replies: 6
    Last Post: 4th June 2010, 11:25 AM
  2. Replies: 3
    Last Post: 10th April 2007, 09:40 AM
  3. 1 Domain + 1 domain + syncronised users = possible?
    By tarquel in forum Wireless Networks
    Replies: 52
    Last Post: 30th October 2006, 03:08 PM
  4. RC1 on Win2k3 (R2) Domain
    By Gatt in forum Windows Vista
    Replies: 11
    Last Post: 19th September 2006, 10:56 PM
  5. Replies: 15
    Last Post: 15th September 2006, 10:01 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •