The centralized administration model is the administrative model that most companies strive to achieve. With the centralized administration model, a core administrative group controls all of the IT assets at one central location.
Although this is the model that many companies wish they could implement, many find that they cannot for several reasons. Whether it is due to business, legal, or cultural reasons, some companies have found that this model will not fit within their organization. For example, some companies provide services or products to military divisions of our government. When these defense contracts are given out, the company that receives the contract must abide by national security regulations. Some of these regulations require that the division to whom the contract was awarded be completely isolated from the rest of the company. This keeps the information safeguarded from those individuals who do not need access to the information. This also means that the administrators of this information will probably need to be isolated from the rest of the company.
Two different structural models exist on which centralized administration is built: centralized administration with centralized resources, and centralized administration with decentralized resources. Both of these pose their own challenges and have definite advantages and disadvantages.
The Centralized/Centralized Approach
The inherent nature of the centralized administration with centralized resources model does not allow for very much flexibility. If a company has a single location with all of the employees accessing the resource from a central location, this is not a problem. As companies grow, merge with, and acquire other companies, the ability to keep all of their assets centralized becomes a challenge. Most companies find that, to reduce costs and ease administrative problems, they have to move to one of the other models discussed later. Figure 1.4 shows a simple version of this approach with all of the resources located at the Chicago office.
One big advantage of the centralized resources approach is that it is easy to administer. With all of the assets based at one location, administrators have all of the systems at their fingertips. Whenever a security update or a system patch needs to be applied, the systems are close by. Because all of the systems are geographically close to one another, communication problems are usually not an issue. In a local area network, the systems should have plenty of available bandwidth in which to communicate and share data.
The Active Directory design for the centralized/centralized approach is usually an easy one to decide upon. Because the resources are centralized and the administrative staff is usually grouped together, a simple, single forest design usually containing a single domain will suffice. Of course, other design criteria will come into play and may change the forest and domain structure, but it is best to start simple and add complexity as necessary.
The Centralized/Decentralized Approach
When companies discover that centralizing their resources is not efficient, they may want to decentralize their resources, yet maintain a centralized administration group. Whereas this option may not have seemed feasible as few as 10 years ago, advances in remote control administration and system automation have made this administrative model very intriguing. Figure 1.5 shows an example of an organization using this approach.
Ce ilral I; ei/Dece hlia I lied
Ce ilral I; ei/Dece hlia I lied
Let's face it, an administrator no longer has to be sitting in front of the system to work with it. Tools as simple as the snap-ins for the Microsoft Management Console (MMC) have made it possible for us to control systems that are located in different cities, states, or countries. Where some of the snap-ins have limitations, other administrative utilities come into play allowing us to remotely administer a system. Microsoft's Terminal Services is a shining example of a remote administration tool. Once the Terminal Services client is started and connects to the remote server, the administrator can perform nearly every task they could perform from a local machine. The only exception is when the administrator needs to physically replace a device or switch out removable media. And now that terminal services allows the client to connect to the console session, a remote administrator can view what is happening on the server and view any messages that may appear within the console session.
Automation tools also make an administrator's job easier and facilitate controlling remote systems from a central location. From backing up servers at predetermined times, to automating the installation of software, these automation tools end up paying for themselves.
Administrators no longer have to travel to the physical location of the system in order to perform most tasks. A good example of this is utilizing Group Policy objects (GPOs) to automate software installation on a client computer or to set security requirements on a server.
The main drawback to the centralized/decentralized method stems from the fact that the administrative staff is geographically distant from the resources. If something happens to a server, the staff has to travel to the location where the resource is located in order to work on it. This means the staff will encounter times when the resource could be offline for an extended amount of time. Due to this reason in particular, companies will not adopt the centralized/ decentralized model and will instead opt to use a different approach to administration. In the next section , you will find the administration theory that is the polar opposite to the centralized administration model.
Was this article helpful?