Implementing Windows 2000

Here’s what to keep in mind when implementing Windows 2000 Server

Architecture, site design and Active Directory structure are all important issues

If you’re in the business of helping companies plan and implement Windows 2000 Server, you have your work cut out for you.

A couple of months ago, I was instructing a class called “Designing a Windows 2000 Directory Services Infrastructure” to a group of network administrators and enterprise architects. At the end of the class, the general consensus was that companies planning to implement Windows 2000 Server will need to be aware of more issues and will require far more planning time than in the past.

Companies planning to upgrade or migrate will have to consider issues such as domain design structure, site design, Active Directory structure, naming conventions in Windows 2000, enterprise security and Internet issues, DNS design and working in a mixed environment.

In Windows 2000, the architectural design is completely different than Windows NT 4.0. NT has two kinds of controllers – Primary Domain Controller (PDC) and Backup Domain Controller (BDC). The PDC is the only controller that holds a read/write copy of the directory database (SAM). The BDC holds a read only copy of the directory database. All changes have to be submitted to PDC, which then gets updated with the BDC.


In Windows 2000 Server, the PDC disappears. All domain controllers are equal and hold a writable copy of the Active Directory database.

The simplest design you can have in Windows 2000 would be to implement a single domain (which can have several domain controllers holding a replica copy of the Active Directory database) in a single tree in a forest.

As more domains (child domains) may be added to the tree for valid reasons within the same forest, the Active Directory database will grow, requiring more resources, more controllers and more sites based on the physical locations of the controllers.


Once you’ve worked through the Domain design structure, the next consideration is the site topology.

A simple site design consists of a single site. This means that replication takes place automatically between the domain controllers. However, if you have multiple sites you’ll have to consider several issues such as connectivity, network bandwidth, performance and cost for replication to take place between the sites. When setting up replication, factors such as when to replicate and how often will have to be considered carefully.


Next, what is the logical design structure of the Active Directory going to look like?

There are two main types of administration models to consider when designing an Active Directory structure – centralized and decentralized, with also the possibility of combining the two, depending on the organization’s business structure.

The Active Directory structure design will also reflect how the network administrator will manage the user accounts, the network security and the network resources for the entire organization. In a centralized administration model, all the network administration and operation functions are managed at a central point for the company. On the other hand, a decentralized model allows each business unit to manage its own structure, therefore all divisions, for instance, manage their own accounts, security, configuration of replication and server operations.


Windows 2000 Server uses the same naming convention as the DNS (Domain Name System). Each object is identified by a LDAP (Light Directory Access Protocol) Distinguished Name such as CN=Tazmin Velji, CN=Users, DC=CDI, DC=Com.

The LDAP distinguished naming convention references the LDAP server in the DNS resource records, which resolves Active Directory queries such as searching for printers, user names and network resources. NETBIOS names are used only for reverse compatibility with previous versions of NT.

Since the naming convention of Windows 2000 is the same as DNS, it is critical that the DNS naming strategy reflect how Active Directory queries will be handled. The other factor to consider when designing the naming convention is whether your company currently has or plans to use the Internet. If your company’s registered Domain name is used as the root domain name for the Active Directory database, careful considerations will need to be made between the internal and external DNS servers in terms of security.

Upgrading or migrating to Windows 2000 Server clearly requires vigorous planning. The accompanying chart provides a checklist of issues to consider.

Velji is a senior technical instructor/consultant with CDI Corporate Education Services in Toronto. She is at [email protected].


Consider the following…


– network design

– administration model

– locations of all controllers

– network topology and network bandwidth

– current domain design and trust relationships

– user habits

– application environment

– network resources

– current DNS design

– current hardware

– Active Directory structure, based on Internet presence


– Plan a Domain design to reflect your current structure or plan a new one.

– Design a site based on controllers location, including issues such as network bandwidth, cost, performance, etc.

– Outline a replication strategy based on number of sites, grouping fast-link and slow-link sites together.

– Plan an Active Directory naming convention to reflect company DNS

– Create a good DNS strategy

– Draft the Active Directory structure based on a centralized, decentralized or combined administration model.

– Plan to maintain a mixed environment until Windows 2000 has been completely deployed to Windows 2000 controllers.

– Create a solid recovery plan in case of problems with the deployment of controllers.

– Decide where Global Catalog servers will be located and how many.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Previous article
Next article

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now