Active Directory Organisational Units

In Microsoft Active Directory, Organizational Units (OUs) are containers used to group related objects, such as user accounts, computer accounts, and other OUs. OUs simplify the administration of large networks by allowing administrators to delegate authority and apply Group Policies to specific groups of objects.

Here are some examples of how OUs can be used:

  1. Delegating administrative control: OUs can be used to delegate administrative control to different departments or teams within an organization. For example, an OU can be created for the IT department, allowing IT administrators to manage their own user accounts and computers without affecting other departments.
  2. Applying Group Policies: OUs can be used to apply Group Policies to specific groups of objects. For example, an OU can be created for a department that requires a specific security policy, allowing administrators to apply the policy to all objects within the OU.
  3. Organizing objects: OUs can be used to organize objects in a way that reflects the structure of the organization. For example, an OU can be created for each department in the organization, with sub-OUs for specific teams or projects within each department.

Diagram:

                               +-------------+
                               |   Domain    |
                               +-------------+
                                      |
        +-----------------------------+-----------------------------+
        |                             |                             |
  +-----------+               +-----------+               +-----------+
  |   Sales   |               | Marketing |               |  Finance  |
  +-----------+               +-----------+               +-----------+
        |                             |                             |
  +-----------------+         +-----------------+         +-----------------+
  |  Sales West OU  |         |  Marketing OU   |         |   Finance OU    |
  +-----------------+         +-----------------+         +-----------------+
        |                             |                             |
  +-----------------+         +-----------------+         +-----------------+
  | Sales East OU   |         | Marketing West  |         |  Finance North  |
  +-----------------+         |      OU         |         |        OU       |
                              +-----------------+         +-----------------+
                                      |
                              +-----------------+
                              | Marketing East  |
                              |        OU       |
                              +-----------------+

In this example, the domain is divided into three main OUs for Sales, Marketing, and Finance. Each of these OUs contains sub-OUs for specific regions or teams within each department. For example, the Sales OU contains two sub-OUs for the Sales East and Sales West regions. Each sub-OU can have its own Group Policies applied to control security settings or user configurations.
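The layout described above can be built with the ActiveDirectory and GroupPolicy PowerShell modules. This is an added example, not part of the original article. The GPO name and the Sales-OU-Admins group are hypothetical, the group is assumed to exist already, and the regional OUs are created as siblings under each department, following the text.

```powershell
# Added example. Requires the ActiveDirectory and GroupPolicy modules (RSAT)
# and rights to create OUs, GPOs and ACEs in the domain.
Import-Module ActiveDirectory, GroupPolicy

$domain   = Get-ADDomain
$domainDN = $domain.DistinguishedName

# Department OUs and their regional sub-OUs, as named in the diagram.
$layout = [ordered]@{
    'Sales'     = @('Sales West', 'Sales East')
    'Marketing' = @('Marketing West', 'Marketing East')
    'Finance'   = @('Finance North')
}

# Create an OU only if it is not already a direct child of the parent,
# so the script can be re-run safely. Returns the OU's distinguished name.
function New-OUIfMissing {
    param([string]$Name, [string]$ParentDN)
    $existing = Get-ADOrganizationalUnit -Filter "Name -eq '$Name'" `
        -SearchBase $ParentDN -SearchScope OneLevel
    if (-not $existing) {
        New-ADOrganizationalUnit -Name $Name -Path $ParentDN `
            -ProtectedFromAccidentalDeletion $true
    }
    "OU=$Name,$ParentDN"
}

foreach ($dept in $layout.Keys) {
    $deptDN = New-OUIfMissing -Name $dept -ParentDN $domainDN
    foreach ($sub in $layout[$dept]) {
        New-OUIfMissing -Name $sub -ParentDN $deptDN | Out-Null
    }
}

# Group Policy: link a policy to one sub-OU only. New-GPLink reports an
# error if the same link already exists.
$gpoName = 'Sales West - Workstation Baseline'   # hypothetical GPO name
if (-not (Get-GPO -Name $gpoName -ErrorAction SilentlyContinue)) {
    New-GPO -Name $gpoName | Out-Null
}
New-GPLink -Name $gpoName -Target "OU=Sales West,OU=Sales,$domainDN" -LinkEnabled Yes

# Delegation: let one group create and delete user objects in the Sales OU
# tree and nowhere else. /I:T = this OU and its sub-objects; CCDC = create
# child / delete child. Sales-OU-Admins is a hypothetical, existing group.
dsacls "OU=Sales,$domainDN" /I:T /G "$($domain.NetBIOSName)\Sales-OU-Admins:CCDC;user"
```

Running `dsacls "OU=Sales,<domain DN>"` with no other arguments afterwards lists the OU's access control entries, which is a quick way to confirm the delegation is scoped to user objects as intended.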

OUs provide a flexible and scalable way to manage large networks by allowing administrators to delegate authority, apply group policies, and organize objects in a way that reflects the structure of the organization.

Author: tonyhughes