Tags Active Directory Active Directory Replication Active Directory Tools Antivirus App-V Azure Backup BCP Cloud Cloud Computing Cloud Services CRM CRM 2011 Cyber Cyber Security Cyber Space DAG Database Availability Group Debug Deployment Dev Disaster Re

A few colleges asked me the following question: “Is a Multiple Active Directory Domains In a Single Forest Is Required Today?”.

Due the fact that is no official answer exits, I would try to provide a few guidelines that would help you to obtain the correct answer to your enterprise.

The main (please note: main) benefits to use Multiple Active Directory Domains In a Single Forest Is Required Today from my perspective are:

A.The domain Scalability / Limitation doesn’t answer for you enterprise needs:

Maximum Number of Objects

Maximum Number of Security Identifiers

Maximum Number of entries in Discretionary and Security Access Control Lists

Group Memberships for Security Principals

FQDN Length Limitations

File Name and Path Length Limitations

Additional Name Length Limitations

Maximum Number of GPOs Applied

Trust Limitations

Maximum Number of Accounts per LDAP Transaction

Recommended Maximum Number of Users in a Group

Recommended Maximum Number of Domains in a Forest

Recommended Maximum Number of Domain Controllers in a Domain

Recommended Maximum Kerberos Settings

RedMor     Taken from the site&Blog of Thanks Yuval Sinay

 

Leave a Reply

Your email address will not be published. Required fields are marked *


CAPTCHA Image
Reload Image

This site uses Akismet to reduce spam. Learn how your comment data is processed.

WhatsApp Logo IT World