Gathering Information and Analyzing Requirements in Active Directory
Terms you'll need to understand:
Centralized organizational model
Decentralized organizational model
Techniques you'll need to master:
Determining the organizational model
Determining the organizational structure
Determining LAN/WAN connectivity
Assessing the available bandwidth
Determining a business's performance requirements
Assessing the impact of Active Directory
This chapter is broken up into three main sections, each of them equally important. These sections are "Gathering and Analyzing Business Requirements," "Gathering and Analyzing Technical Requirements," and "Assessing the Impact of Active Directory." As you work through this chapter, don't forget to keep in mind the terms you'll need to understand and the techniques you'll need to master, as shown on the chapter's title page.
Throughout this chapter, some reference will be given to a fictitious business called XYZ Corporation. The XYZ Corporation is comprised of two main departments: training and external IT. XYZ Corporation has several locations throughout the world and has established several partnerships with other organizations worldwide. XYZ Corp. is in the process of designing an Active Directory infrastructure.
Gathering and Analyzing Business Requirements
The first step in implementing an Active Directory infrastructure for an organization is to analyze its administrative structure, needs, and goals. This is one of the most important steps because the information gathered from the analysis will influence the design of the Active Directory structure. An effective business analysis offers a clear understanding of the business and allows for the creation of an Active Directory structure that should meet the needs of the organization. The information gathered about the business should be reflected in the design plans.
The following sections cover what you'll need to do to complete this analysis. These tasks include determining scope, assessing organizational models, assessing business processes, identifying business priorities, and determining client computing requirements.
During this phase of the design process, the design team needs to determine the scale of the rollout, meaning which areas in the organization will be included in the design. Determining the areas in the organization that are to be included in the plan helps you design an Active Directory structure that meets the requirements and needs of the business. The following are a few general questions that will assist you in determining the scope of the business's plan:
Is the Active Directory structure to include the entire organization or just certain areas?
Does the organization foresee any growth in the next five years, and if so, should this information be included in the plan?
Does the organization have any clients or partners that should be included in the Active Directory design plan?
Using the example of the XYZ Corporation, you could use the following questions to determine the scale of the Windows 2000 rollout:
Is the rollout going to include the entire XYZ Corporation, or will it include only specific departments?
Does the XYZ Corporation foresee any growth in the next five years?
Does the scope include the partners and clients that the XYZ Corporation has established?
Assessing Organizational Models
When performing the assessment of a business, it is imperative that you determine the organizational model (also referred to as the administrative model) that is being used.
Three types of models can be implemented: the centralized organizational model, decentralized organizational model, and centralized-decentralized organizational model.
Centralized Organizational Model
In a centralized model, an upper management group is usually responsible for most of the decision-making in the business, as illustrated in Figure 3.1. Administration is very much centralized; one group is responsible for making decisions and implementing them at all levels throughout the business.
Figure 3.1 The XYZ Corporation might choose to implement a centralized organizational model. Central management in the XYZ Corporation would hold all decision-making authority for the training division and the external IT division.
Decentralized Organizational Model
In an organization that implements a decentralized organizational model, each business unit or department is responsible for its own administration (called localized administration). This type of model works well for an organization compromised of several distinct businesses or departments. Each business unit can make its own decisions based on its own needs, without affecting the administration of other business units.
If the XYZ Corporation chooses to implement a decentralized model, the diagram shown in Figure 3.1 would be slightly different. As shown in Figure 3.2, no centralized management would exist and both divisions in the organization would be able to make decisions based on their own needs.
Figure 3.2 If the XYZ Corporation implemented a decentralized organizational model, no central management group would exist. Each divisiontraining and external ITwould be responsible for its own administration. Administration in the organization therefore becomes localized.
Centralized-Decentralized Organizational Model
The third model is actually a combination of the first two. A business that implements this model usually recognizes a need for some form of centralized management, but certain administrative tasks have been delegated to various groups to maintain a level of localized administration. In a model such as this, a centralized IT team might exist that is responsible for overall network development while certain tasks, such as creating user accounts, might be delegated to the IT teams in each business unit. Using the XYZ Corporation as an example, this type of model is shown in Figure 3.3.
Figure 3.3 If the XYZ Corporation implemented a centralized-decentralized organizational model, a central management group would exist but each division would still be given administrative authority over certain tasks.
The type of organizational model a business implements should be reflected in the Active Directory design.
After you've determined the organizational model to implement in the business, you can determine how the business is actually structured. Assessing the organizational structure is important in determining how administration is distributed throughout the business. Three organizational structures can be implemented, as follows:
GeographicalThe structure of the business is based on the geographical locations of its offices.
FunctionalThe structure is based on the various job functions (for example, purchasing, accounting, and manufacturing) defined in the business.
DivisionalThe business is implemented in an organizational structure based on the various divisions in itself. For example, the XYZ Corporation is compromised of two separate divisions (training and external IT consulting) and can choose to structure itself around them.
Taking the time to assess the organizational model and organizational structure of the business helps allow for the creation of an Active Directory structure that fits in with the current design. The organizational model and organizational structure that a business has implemented should be reflected in the Active Directory structure that will be implemented. The information gathered has an impact on how the various design elements (forests, trees, domains, and organizational units) are implemented.
Assessing Business Processes
You need to assess the current business processes in an organization because these processes have an impact on the design of the Active Directory structure. Examining this aspect of a business enables the design team to see how Windows 2000 will fit in with these processes and even make them more efficient.
Even the smallest changes can have an immense impact on an organization; therefore, you must prepare and plan for any changes. If the rollout of Windows 2000 will affect any of the business's current practices, be sure to document these changes and make the appropriate people fully aware of them.
For example, if it is common practice for the XYZ Corporation to move users from one division to the other, several aspects of the Active Directory design must be considered. First, because moving users between domains is more difficult than moving them between organizational units (OUs) in the same domain, a single-domain design might be preferred. Also, moving users from division to division can cause an increase in replication traffic. The design team will have to consider this business practice when creating sites in the Active Directory structure so that replication traffic in the XYZ Corporation can be optimized.
Identifying Business Priorities
Identifying a business's priorities assists the design team in creating an Active Directory structure that meets the business's needs and expectations. The technology features that will be implemented in Active Directory will be based on the priorities that the business has expressed. Assess what the business has laid out for itself in terms of short-term and long-term goals and what the business hopes to achieve. Then, you can determine how Windows 2000 will help the business meet its goals.
For example, one of the priorities of the XYZ Corporation might be to allow the divisions in the organization to maintain control over their own users and network resources. Knowing that this is a priority for the XYZ Corporation, the design team could create an Active Directory structure that would allow the corporation to maintain this localized administration.
Determining Client Computing Requirements
The Active Directory structure that is designed must meet not only the needs of administration, but also the needs of the users in the organization. Therefore, the client computing requirements must also be assessed. Evaluate the following information when determining the computing needs of the clients in an organization:
What type of configuration do the clients' computers require?
Do clients require a preconfigured desktop?
What tasks do the clients perform, and what do they need in order to perform them?
What are the computer requirements for client workstations if an upgrade is necessary? Keep in mind the minimum requirements for Windows 2000 Professional (these are the requirements to run the OS). If the clients will be running any applications, the minimum might not be sufficient.
To which applications do the clients need access?
To which network resources do users need access, and where are they located?
Which types of security do they require?