This WSSRA guide provides directory service lifecycle guidance as part of the Windows Server System™ Reference Architecture (WSSRA). On This PageExecutive SummaryAs organizations expand, the task of managing large amounts of common information in a coherent fashion while supporting its distribution and quick retrieval becomes increasingly important and more complex. Because such information is used to support the management of employees and computing resources, the efficiency of managing it has a direct impact on the organization’s cost base. The growth of an organizations personnel and supporting information technology devices requires additional IT (information technology) staff and management technologies to handle the additional authentication services, and there is a greater chance of failure because of interoperability issues with the added technologies. In addition, security is invariably weakened due to the likelihood of users writing down the numerous account and password combinations they require to perform their jobs. It becomes imperative to manage the information relating to employees and their use of computing resources with a single, coherent mechanism, one that possesses the characteristics required for the most efficient management of this information. First, it should be organized and presented in an understandable fashion. Second, a common method of querying should be supported, regardless of the type of data being requested. Finally, information with similar characteristics should be managed in a similar manner. The ways in which information is grouped and managed should be determined by the organization concerned, in ways that complement the organization's structures. Implementation of a directory-based mechanism helps reduce the costs of maintaining a computing environment, both by increasing the efficiency of operational management procedures and by reducing the risks that arise from the lack of proper mechanisms. Who Should Read This Document Set The Directory Services document set is written to meet the requirements of IT professionals who are responsible for the planning, design, deployment and operations of directory services in the enterprise, corporate, or branch office environments. The readers of this document set are expected to have an understanding of its technical details; however, service-level expertise is not needed to follow the enterprise-level discussions and to understand the decisions that are made. The document set is broken up into five (5) sections: | • | Introduction | | • | Directory Services Blueprint | | • | Directory Services Planning Guide | | • | Directory Services Build Guide | | • | Directory Services Operations Guide |
Each of the four (4) content sections is written for consumption across all IT roles, but each section also holds a specific level of relevance to the varied architecture, planning, building and operating roles in a typical enterprise IT environment. The guidance provided with this service will help you understand options available to you and for the generic scenario that was adopted. This service guidance set helps the reader through the process of making the best design decisions and implementation based on the inherent complexity the technologies involved and unique needs of every organization. No design can be a “one size fits all”, so the emphasis is on empowering others through best practice for an optimized solution. Using the Directory Service Guide SetThe lifecycle guidance for the directory service provides the following documents: 
See full-sized image
| • | Directory Service Blueprint: Provides a detailed view of the design decisions and processes involved in creating an enterprise-class directory services solution. It includes design options in the following technical areas: | • | Forest design | | • | Organizational unit (OU) structure | | • | Operations master roles | | • | Site topology | | • | Geographic distribution | | • | Directory security | | • | Manageability | | • | Interoperability |
| | • | These design options, with their pros and cons, are pure referential discussion that is not specific to one scenario or organization. When this blueprint is combined with the scenarios and requirements that form our fictitious Contoso organization in a way to make good design decisions, the following implementation documents are produced. It’s this process that creates architecture driven design with conscious decisions and trade-offs being made. | | • | Directory Service Planning Guide: Provides details of the design of Active Directory for the Contoso fictitious organization. Where relevant, any design decisions made will be explained to help you understand the reasoning and make the most appropriate decision for your scenario or organization. | | • | Directory Service Build Guide: Provides details of the build and configuration of Active Directory for the Contoso fictitious organization. It also provides information on the test cases used in our test lab environment to prove the design. | | • | Directory Service Operations Guide: Provides operations references for Active Directory. |
SummaryThis introduction is intended to help readers understand the need for directory service in an organization, and the nature of guidance provided for directory service in Windows Server System™ Reference Architecture(WSSRA). The directory service guidance set is intended to help readers understand the design options available, a design decision based on a specific scenario and then the build, test and operations specifics for implementing the design. While the specific design and implementation may not be what is required for your scenario or organization, the process followed can be re-applied in your context to help you make good conscious decisions for the most optimized design to suit your needs. The directory service guidance includes documents that provide guidance on identifying and understanding issues that are inherent in designing an enterprise-class directory service solution that is secure, scalable, manageable, and reliable.
| 
show toc
