Multiple Domains On Same Server?

T

Tolasar

Gawd
Joined
Aug 24, 2001
Messages
595
I am trying to figure out what the best thing to do is here. I have someone who owns 3 companies, none of them are in what I would call a "secure" networking environment. They are all on workgroups with completely open access to all files, etc.

The owner wants to switch over to a domain based system. I am thinking Windows Server 08 (or 03 if it's still available). They want all 3 companies under the same server? I am thinking 3 domains on one server. Is that possible with just one physical server?

To me, it would make sense to have a server/domain for each company in case things went wrong with the only one server. Would it be better to keep it separate this way or is it better to run all 3 on the same?

Thanks.
 
Well I would think you would want 3 servers, one for each domain. If you have three companies authenticating with the server when the users logs in and then you have user accessing resources off that server, etc, that is going to be a lot of traffic. I would think it be best if you isolate each of the companies traffic to there own server.
 
You can set up a single Active Directory domain to contain multiple UPN suffixes. That would give you the appearance of having multiple "Domains".. For example you could have logins like:

[email protected]
[email protected]
[email protected]

Even though they're all in the same AD domain. However, even in this situation I'd go with at least two servers (AD controllers)... Of course then, security can be defined by groups to keep one company out of another's files, etc, etc...

However, you also need to consider the implications of what happens should these companies split some time down the road. It's much more difficult to split them up later... user accounts, permissions, etc... GUID's & SID history can be migrated to other forests, but it's not the most fun task....

Without knowing the business, or business owner, it's hard to give any further advice...
 
Depending on the size of the companies you could virtualize...but like mentioned, that could be a lot of traffic for one box. How many users total between the three companies?
 
Lazy_Moron said:
Well I would think you would want 3 servers, one for each domain. If you have three companies authenticating with the server when the users logs in and then you have user accessing resources off that server, etc, that is going to be a lot of traffic. I would think it be best if you isolate each of the companies traffic to there own server.
Click to expand...

It depends on how big these "companies" are. If there's three companies who each have 10 employees, then a single server would be plenty up to the task of handling the file and print traffic in such a situation... Since there's even talk or consideration of "only one" server, I'm guessing these are small startup businesses where they all reside in the same location...
 
jpochedl said:
You can set up a single Active Directory domain to contain multiple UPN suffixes. That would give you the appearance of having multiple "Domains".. For example you could have logins like:

[email protected]
[email protected]
[email protected]

Even though they're all in the same AD domain. However, even in this situation I'd go with at least two servers (AD controllers)... Of course then, security can be defined by groups to keep one company out of another's files, etc, etc...

However, you also need to consider the implications of what happens should these companies split some time down the road. It's much more difficult to split them up later... user accounts, permissions, etc... GUID's & SID history can be migrated to other forests, but it's not the most fun task....

Without knowing the business, or business owner, it's hard to give any further advice...
Click to expand...
I can see your point about the companies separating. I knew it didn't sound like the best idea, but I was told to consider all options. The 3 businesses are in the same physical location I would say about 30-40 employees total.

One is a non profit, second one is a real estate development company, the 3rd is admin for a retirement community.
 
You must log in or register to reply here.
Back
Top