none
Active Directory Design

    Question

  • hi guys,

    i have an indecision about designing the active directory for my company. i'll go straight to the point. here's the story:

    lets say i work in a company, named C.

    C is a joint venture company between two company: A and B

    lets say A and B already have runs on active directory, and i as IT guy has been asked by the management to create one.

    well, it is easier for me when there's only one of them. if only just A, then i just design DC for C and then maybe added another DC if necessary, so i get a tree in C. and then if the management in the A want an access to our company (C), then perhaps i just can give a ONE WAY EXPLICIT TRUST to A from C (or cannot?)

    so what can i do about that, guys? really appreciate your advice

    thank you, 

    Friday, December 23, 2016 10:15 AM

Answers

  • Hi Kukuh,

    I would recommend in this scenario that you create a new AD forest fro C (with multiple Domain Controllers as per best practice) and then if at some point in the future either A or B need access to C then trusts can be established. 

    • Proposed as answer by sunny.sinha Friday, December 23, 2016 2:37 PM
    • Marked as answer by Kukuh Prasetiyo Tuesday, December 27, 2016 3:42 AM
    Friday, December 23, 2016 1:57 PM

All replies

  • Hi Kukuh,

    I would recommend in this scenario that you create a new AD forest fro C (with multiple Domain Controllers as per best practice) and then if at some point in the future either A or B need access to C then trusts can be established. 

    • Proposed as answer by sunny.sinha Friday, December 23, 2016 2:37 PM
    • Marked as answer by Kukuh Prasetiyo Tuesday, December 27, 2016 3:42 AM
    Friday, December 23, 2016 1:57 PM
  • Hi daniel,

    seems an acceptable solution to me.

    thank you very much

    Tuesday, December 27, 2016 3:42 AM