Re: OU Structure in Active Directory

[Alex Keller <alkeller () SFSU EDU>]

i used to believe in creating lots of nested OUs for the sake of
organization but over the years i found that this is often more trouble
that it is worth. now i am going with the less is more philosophy,
creating OUs where needed for group policy settings or where it makes
sense to show a hard delineation. manually setting up OUs by department
gets messy quick (people move around or are a member of multiple depts),
i suppose if you were getting this info from an identity provider that
would make it a little cleaner. we are currently separating out servers,
staff/faculty workstations, and lab computers, on the user side
everybody goes in one massive OU and we use loop back processing to
process GPOs by machine instead of user.

best,
alex

On 7/21/2010 7:46 AM, Brandon Payne wrote:
> Currently we are in the designing and implementing phase for the first
> time with Active Directory.  We are in a single domain environment.
>
> How are you structuring your OU's? How are you targeting your users in
> the OU structure?  By dept? By employee category? By machine type
> (desktops, laptops)?
>
> For ex - 
>
> Employees                                    
>    Staff
>    Faculty                  
> Labs
>   Students
>
> What has or has not worked out for your school in the long run?  Do
> you have any recommendations based on your experiences?
>
> Thanks in advance,
>
> -- 
> Brandon Payne
> Technical Support Specialist
> Information Services
> Sauk Valley Community College

-- 
Alex Keller
Systems Administrator
Academic Technology, San Francisco State University
Office: Burk Hall 153 Phone: (415)338-6117 Email: alkeller () sfsu edu