Chapter 2. Active Directory Design Principles
In order to design a proper Active Directory infrastructure, knowledge of its workings, and what it is based on, is essential. The basis for Active Directory is the Lightweight Directory Access Protocol (LDAP), which is an X.500 standard (to read more about the X.500 standard please visit: http://en.wikipedia.org/wiki/X.500). LDAP defines that a directory is a tree of entries, with each entry containing a set of attributes. Each entry has a unique identifier and therefore cannot be duplicated. This way everything is an object in an LDAP-based directory.
There are many great books available for Active Directory design and some of them go into great detail. Compressing all this into a single chapter is just not possible, so in this chapter, we will stick to the basics and a high-level view, instead of too much detail. This will provide a good overview of how to design a proper Active Directory, with different strategies in mind, and tailor it best...