Windows Server® 2008 R2 Unleashed > Designing a Windows Server 2008 R2 Active Directory > Understanding the Empty-Root Domain Model

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Search

About the Authors

Acknowledgments

We Want to Hear from You!

Reader Services

Introduction

Pt. I. Windows Server 2008 R2 Overview

Pt. II. Windows Server 2008 R2 Active Directory

Ch. 4. Active Directory Domain Services Primer

Ch. 5. Designing a Windows Server 2008 R2 Active Directory

Understanding AD DS Domain Design

Choosing a Domain Namespace

Examining Domain Design Features

Choosing a Domain Structure

Understanding the Single Domain Model

Understanding the Multiple Domain Model

Understanding the Multiple Trees in a Single Forest Model

Understanding the Federated Forests Design Model

Understanding the Empty-Root Domain Model

Understanding the Placeholder Domain Model

Understanding the Special-Purpose Domain Design Model

Renaming an AD DS Domain

Summary

Best Practices

Ch. 6. Designing Organizational Unit and Group Structure

Ch. 7. Active Directory Infrastructure

Ch. 8. Creating Federated Forests and Lightweight Directories

Ch. 9. Integrating Active Directory in a UNIX Environment

Pt. III. Networking Services

Pt. IV. Security

Pt. V. Migrating to Windows Server 2008 R2

Pt. VI. Windows Server 2008 R2 Administration and Management

Pt. VII. Remote and Mobile Technologies

Pt. VIII. Desktop Administration

Pt. IX. Fault-Tolerance Technologies

Pt. X. Optimizing, Tuning, Debugging, and Problem Solving

Pt. XI. Integrated Windows Application Services

Index

Understanding the Empty-Root Domain Model

The schema is the most critical component of AD DS and should, therefore, be protected and guarded closely. Unauthorized access to the schema master domain controller for a forest can cause some serious problems and is probably the best way to corrupt the entire directory. Needless to say, segregation of the keys to the schema from the user base is a wise option to consider. From this concept was born the empty-root domain model, shown in Figure 5.11.

Figure 5.11. Empty-root domain model with an unpopulated forest root.

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial

Download Safari Books Online apps: Apple iOS | Android

This Book

Search

Contents

Chapter 5. Designing a Windows Server 20... > Understanding the Empty-Root Domain ...

Understanding the Empty-Root Domain Model

Figure 5.11. Empty-root domain model with an unpopulated forest root.