IT tutorials
 
Applications Server
 

Configuring Active Directory Server Roles : Administering Active Directory - An Overview of OUs

3/19/2014 2:32:44 AM
- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

An organizational unit (OU) is a logical group of Active Directory objects, just as its name implies. OUs serve as containers within which other Active Directory objects can be created, but they do not form part of the DNS namespace. They are used solely to create organization within a domain.

OUs can contain the following types of Active Directory objects:

  • Users

  • Groups

  • Computers

  • Shared Folder objects

  • Contacts

  • Printers

  • InetOrgPerson objects

  • MSMQ Queue Aliases

  • Other OUs

Perhaps the most useful feature of OUs is that they can contain other OU objects. As a result, systems administrators can hierarchically group resources and other objects according to business practices.

Another advantage to OUs is that each can have its own set of policies. Administrators can create individual and unique Group Policy objects (GPOs) for each OU. GPOs are rules or policies that can apply to all the objects within the OU.

Each type of object has its own purpose within the organization of Active Directory domains. Later in this chapter, you'll look at the specifics of User, Computer, Group, and Shared Folder objects. For now, let's focus on the purpose and benefits of using OUs.

1. The Purpose of OUs

OUs are mainly used to organize the objects within Active Directory. Before you dive into the details of OUs, however, you must understand how OUs, users, and groups interact. Most importantly, you should understand that OUs are simply containers that you can use to logically group various objects. They are not, however, groups in the classical sense. That is, they are not used for assigning security permissions. Another way of stating this is that the user accounts, computer accounts, and group accounts that are contained in OUs are considered security principals while the OUs themselves are not.

OUs do not take the place of standard user and group permissions. A good general practice is to assign users to groups and then place the groups within OUs. This enhances the benefits of setting security permissions and of using the OU hierarchy for making settings. Figure 1 illustrates this concept.

Figure 1. Relationships of users, groups, and OUs

An OU contains objects only from within the domain in which it resides. As you'll see in the section titled "Delegating Administrative Control," later in this chapter, the OU is the finest level of granularity used for group policies and other administrative settings.

2. Benefits of OUs

There are many benefits of using OUs throughout your network environment:

  • OUs are the smallest unit to which you can assign directory permissions.

  • You can easily change the OU structure, and it is more flexible than the domain structure.

  • The OU structure can support many different levels of hierarchy.

  • Child objects can inherit OU settings.

  • You can set Group Policy settings on OUs.

  • You can easily delegate the administration of OUs and the objects within them to the appropriate users and groups.

Now that you have a good idea of why you should use OUs, take a look at some general practices you can use to plan the OU structure.

 
Others
 
- Configuring Active Directory Server Roles : Active Directory Rights Management Services
- Microsoft Lync Server 2013 : Mediation Server Troubleshooting (part 2) - Synthetic Transactions, Telnet
- Microsoft Lync Server 2013 : Mediation Server Troubleshooting (part 1)
- Microsoft Lync Server 2013 : Mediation Server Administration
- Microsoft Lync Server 2013 : Mediation Server Configuration
- Microsoft Lync Server 2010 : Installing Mediation Server (part 4) - Create Certificates
- Microsoft Lync Server 2010 : Installing Mediation Server (part 3) - Install Lync Mediation Server Components
- Microsoft Lync Server 2010 : Installing Mediation Server (part 2) - Create a Mediation Server Pool
- Microsoft Lync Server 2010 : Installing Mediation Server (part 1) - Hardware Recommendations
- Microsoft Lync Server 2010 : Mediation Server Overview
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Technology FAQ
- Is possible to just to use a wireless router to extend wireless access to wireless access points?
- Ruby - Insert Struct to MySql
- how to find my Symantec pcAnywhere serial number
- About direct X / Open GL issue
- How to determine eclipse version?
- What SAN cert Exchange 2010 for UM, OA?
- How do I populate a SQL Express table from Excel file?
- code for express check out with Paypal.
- Problem with Templated User Control
- ShellExecute SW_HIDE
programming4us programming4us