General Approach

1. Develop a hierarchical Active Directory structure within a single production domain which follows the Internet DNS naming scheme.
   
2. TTUnet Services will provide and maintain the 'TTU' Active Directory.
   
3. Provide for a university-wide, single sign on authentication structure which Windows system administrators can join and utilize for granting access to their resources.
   
4. Provide a secure Kerberos authentication environment.

Conceptual Sketch

Current Naming Scheme

The current TTUnet Internet Domain Naming Scheme utilizes a "departmental" (includes colleges & divisions) name  immediately preceding the 'TTU.EDU' domain name.  A list of the departmental codes and descriptions is available online.  Active Directory Organizational Units will follow the same naming scheme.

Joining the Active Directory Structure

Currrent domain or Active Directory structures will be consolidated to fit into a university-wide scheme.  In order to facilitate the joining of individual departments or colleges to the AD structure, temporary trusts may be assigned. These temporary trusts allow system wide authentication access while migrating to an organizational unit. Trusts will only be allowed with the TTU.EDU Active Directory Domain during a migration scenerio. Departmental NSCs can request a migratory trust using the appropriate form on the NSC web site.