Educause Security Discussion mailing list archives
Re: OU Structure in Active Directory
From: Alex Keller <alkeller () SFSU EDU>
Date: Wed, 21 Jul 2010 08:59:03 -0700
i used to believe in creating lots of nested OUs for the sake of organization but over the years i found that this is often more trouble that it is worth. now i am going with the less is more philosophy, creating OUs where needed for group policy settings or where it makes sense to show a hard delineation. manually setting up OUs by department gets messy quick (people move around or are a member of multiple depts), i suppose if you were getting this info from an identity provider that would make it a little cleaner. we are currently separating out servers, staff/faculty workstations, and lab computers, on the user side everybody goes in one massive OU and we use loop back processing to process GPOs by machine instead of user. best, alex On 7/21/2010 7:46 AM, Brandon Payne wrote:
Currently we are in the designing and implementing phase for the first time with Active Directory. We are in a single domain environment. How are you structuring your OU's? How are you targeting your users in the OU structure? By dept? By employee category? By machine type (desktops, laptops)? For ex - Employees Staff Faculty Labs Students What has or has not worked out for your school in the long run? Do you have any recommendations based on your experiences? Thanks in advance, -- Brandon Payne Technical Support Specialist Information Services Sauk Valley Community College
-- Alex Keller Systems Administrator Academic Technology, San Francisco State University Office: Burk Hall 153 Phone: (415)338-6117 Email: alkeller () sfsu edu
Current thread:
- OU Structure in Active Directory Brandon Payne (Jul 21)
- Re: OU Structure in Active Directory Patrick D Menard (Jul 21)
- Re: OU Structure in Active Directory Alex Keller (Jul 21)
- Re: OU Structure in Active Directory Brandon Payne (Jul 21)