Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OU Structure in Active Directory

From: Brandon Payne <payneb () SVCC EDU>
Date: Wed, 21 Jul 2010 14:06:23 -0500
Thank you all.  Yeah my goal is to keep it organized and simple as possible,
but also keeping policies applicable to certain OU's in mind.

90% of our faculty have laptops and need to be able to login to their
machine from home (and some could be gone at most a semester), so they will
need certain policies applied separate from Staff.  We also have very few
Staff members who also have laptops, so that will throw in a curveball.

Since we are running Server 2008R2 we are able to itemize some of the GP
settings with GP Preferences.

-- 
Brandon Payne
Technical Support Specialist
Information Services
Sauk Valley Community College


On Wed, Jul 21, 2010 at 10:59 AM, Alex Keller <alkeller () sfsu edu> wrote:


 i used to believe in creating lots of nested OUs for the sake of
organization but over the years i found that this is often more trouble that
it is worth. now i am going with the less is more philosophy, creating OUs
where needed for group policy settings or where it makes sense to show a
hard delineation. manually setting up OUs by department gets messy quick(people move around or are a member of 
multiple depts), i suppose if you
were getting this info from an identity provider that would make it a little
cleaner. we are currently separating out servers, staff/faculty
workstations, and lab computers, on the user side everybody goes in one
massive OU and we use loop back processing to process GPOs by machine
instead of user.

best,
alex


On 7/21/2010 7:46 AM, Brandon Payne wrote:

Currently we are in the designing and implementing phase for the first time
with Active Directory.  We are in a single domain environment.

 How are you structuring your OU's? How are you targeting your users in
the OU structure?  By dept? By employee category? By machine type (desktops,
laptops)?

 For ex -

 Employees
   Staff
   Faculty
Labs
  Students

 What has or has not worked out for your school in the long run?  Do you
have any recommendations based on your experiences?

 Thanks in advance,

--
Brandon Payne
Technical Support Specialist
Information Services
Sauk Valley Community College


--
Alex Keller
Systems Administrator
Academic Technology, San Francisco State University
Office: Burk Hall 153 Phone: (415)338-6117 Email: alkeller () sfsu edu
Previous By Date Next
Previous By Thread Next

Current thread: