Subdomains Vs. OUs?

Hello I work for a school district that right now has each school as a SUB domain under the main domain. The main domain is "englishtown.edu". Then each school is "school1.englishtown.edu", "school2.englishtown.edu", etc....

Would I be wrong in suggesting putting all the schools into ONE domain for easier management? We can just seperate out teachers and students into OU's.

So my question is, what is the difference between a subdomain and an OU??? What are the reasons to have a subdomain?

Oh and our mail servers are at the root level (all email addresses are xxxx@englishtown.edu) - no need for school specific email addresses.

Thanks,

A

4 Answers

Relevance
  • 1 decade ago
    Best Answer

    Consider these two extracts from our friends at Wikipedia

    .........................................................................................................

    Subdomain:

    Subdomains are commonly used by organizations that wish to assign a unique name to a particular department, function, or service related to the organization. For example, a university might assign "cs" to the computer science department, such that a number of hosts could be used inside that subdomain, such as mail.cs.example.edu or www.cs.example.edu.

    .........................................................................................................

    OU (Organizational Unit):

    For AD, Microsoft recommends as few domains as possible and a reliance on OUs to produce structure and policies. Group Policy settings apply most commonly to OUs and not to domains or to groups, which AD stores as Group Policy Objects (GPOs), although GPOs can also model domains or sites. The OU represents the lowest level to which AD can delegate administrative powers. OUs differ from Security Groups in that one can apply Group Policies to them and that they model hierarchies (one can put an OU in an OU.).

    In AD, OUs can contain any other unit, including other OUs and so on. OUs let an administrator group computers and users so as to apply a common policy to them.

    OUs give a domain a hierarchical structure, and when well designed can ease administration.

    .........................................................................................................

    Microsoft recommends (and I agree with their logic) that you use OU's where possible as it allows for better organizational options such as group policies, nested OU's, and mixed objects. While the latter two can happen under a subdomain, it's requires more work to manage the group policies.

    A simple structure for each school could look something like this:

    englishtown.edu

    |

    +school1 (OU)

    .....Staff (OU)

    ..........staffname1

    ..........staffname2

    ..........staffname3

    .....Students (OU)

    ..........student1

    ..........student2

    ..........student3

    .....Printers (OU)

    ..........printer1

    ..........printer2

    ..........printer3

    .....Shares (OU)

    ..........share1

    ..........share2

    ..........share3

    +school2 (OU)

    +school3 (OU)

    Subdomains serve organizations better when there must be a clear delineation between parts of a company. Often, when this division into separate domains occur, it is due to the need for a unique public presense for each. Microsoft needs to keep a publicly visable separation between it's different divisions and has implemented several subdomains, including the following:

    msdn.microsoft.com

    office.microsoft.com

    technet.microsoft.com

    If this is not a requirement, then you should plan carefully to make the transition to using OU's. The benefits in managing your Active Directory structure and security for the school system's computer resourses far outweigh any gain in having subdomains.

    I encourage you strongly to spend time exploring your layout for Active Directory using OU's instead of subdomains. In the long run, you'll need less Tylonal while managing your network, and it'll help control your budget restraints (something all educational support staff grapple with...experience speaking there).

    I hope this helped clarify things a bit for you.

    Michael McLaughlin @ Iron Oak IT inc., Calgary, AB

    http://www.linkedin.com/in/michaeljmclaughlin

    http://www.ironoakit.com

    Source(s): Subdomain: http://en.wikipedia.org/wiki/Subdomain ......................................................................................................... OU (Organizational Unit): http://en.wikipedia.org/wiki/Organizational_Unit ......................................................................................................... Creating an Organizational Unit Design http://technet2.microsoft.com/windowsserver2008/en... ......................................................................................................... AD DS Design Guide http://technet2.microsoft.com/windowsserver2008/en...
  • yagoda
    Lv 4
    3 years ago

    Active Directory Subdomain

  • 1 decade ago

    Depending on your network infrastructure, I would have one domain with each school as an OU , with each OU school having its Users , Groups, Servers and Workstations sub containers\OUs.

  • trudel
    Lv 4
    3 years ago

    Randy Orton vs Undertaker vs Cena (WM 25) call vs streak vs profession motives: call: Orton is likely to be champ for an prolonged time streak : Undertaker on no account misplaced in WM profession: Cena is crap as a wrestler so i think of he would desire to retire lol

Still have questions? Get your answers by asking now.