Difference between revisions of "Active Directory/Documentation/Default OU"

From WolfTech
Jump to navigation Jump to search
Line 8: Line 8:
 
<td>The departmental root OU is the top level OU delegated to the department or college.  This OU should be named using the organization's common abbreviation.  For example, the Department of Electrical and Computer Engineering uses the abbreviation, ECE, so its root OU should be named ECE.
 
<td>The departmental root OU is the top level OU delegated to the department or college.  This OU should be named using the organization's common abbreviation.  For example, the Department of Electrical and Computer Engineering uses the abbreviation, ECE, so its root OU should be named ECE.
  
<BR><BR>This OU should be placed under the NCSU OU hierarchy corresponding to its place within NCSU's organizational hierarchy.  For example, the Department of Electrical and Computer Engineering is part of the College of Engineering, so the Department of Electrical and Computer Engineering's OU should be created under the College of Engineering's OU.
+
<BR>This OU should be placed under the NCSU OU hierarchy corresponding to its place within NCSU's organizational hierarchy.  For example, the Department of Electrical and Computer Engineering is part of the College of Engineering, so the Department of Electrical and Computer Engineering's OU should be created under the College of Engineering's OU.
  
<BR><BR>The managedBy property should be set to the primary OU Admin.</td>
+
<BR>The managedBy property should be set to the primary OU Admin.</td>
 
</tr>
 
</tr>
 
<tr valign=top>
 
<tr valign=top>

Revision as of 14:29, 21 July 2006

Default Setup

Organizational Units

OU Description
<Root OU> The departmental root OU is the top level OU delegated to the department or college. This OU should be named using the organization's common abbreviation. For example, the Department of Electrical and Computer Engineering uses the abbreviation, ECE, so its root OU should be named ECE.


This OU should be placed under the NCSU OU hierarchy corresponding to its place within NCSU's organizational hierarchy. For example, the Department of Electrical and Computer Engineering is part of the College of Engineering, so the Department of Electrical and Computer Engineering's OU should be created under the College of Engineering's OU.


The managedBy property should be set to the primary OU Admin.
<Root OU>\Departmental Users
<Root OU>\Departmental Users\Class Accounts
<Root OU>\Departmental Users\OU Admins
<Root OU>\Departmental Users\Other Users
<Root OU>\Departmental Users\Service Accounts
<Root OU>\Faculty
<Root OU>\Faculty\Desktops
<Root OU>\Faculty\Laptops
<Root OU>\Research Labs
<Root OU>\Research Labs\Sample RLab
<Root OU>\Research Labs\Sample RLab\Destops
<Root OU>\Research Labs\Sample RLab\Laptops
<Root OU>\Servers
<Root OU>\Software Packages
<Root OU>\Software Packages\Freeware
<Root OU>\Software Packages\NCSU Software
<Root OU>\Software Packages\<Root OU> Software
<Root OU>\Staff
<Root OU>\Staff\Desktops
<Root OU>\Staff\Laptops
<Root OU>\Teaching Labs
<Root OU>\Teaching Labs\Sample Tlab
<Root OU>\Teaching Labs\Sample Tlab\Desktops
<Root OU>\Teaching Labs\Sample Tlab\Laptops
<Root OU>\Unassigned

Users

User Description
<Root OU>\Departmental Users\OU Admins\<unityid>.admin Create an Administrator account for each desired IT staff member in the department. The account should be created in the <Root OU>\Departmental Users\OU Admins OU. These accounts will be given Administrator priveleges in the departmental OU and local administrator on all computers in the departmental OU.

Groups

Group Description
<OU Root>\<OU Root>-ACS Users
<OU Root>\<OU Root>-Allow RIS
<OU Root>\<OU Root>-Computer Admins
<OU Root>\<OU Root>-Computers
<OU Root>\<OU Root>-Desktops
<OU Root>\<OU Root>-Enable Remote Assistants
<OU Root>\<OU Root>-Enable Remote Desktop
<OU Root>\<OU Root>-Laptops
<OU Root>\<OU Root>-OU Admins
<OU Root>\<OU Root>-Users
<OU Root>\Faculty\<OU Root>-Faculty
<OU Root>\Faculty\<OU Root>-Faculty.Computers
<OU Root>\Faculty\<OU Root>-Faculty.Desktops
<OU Root>\Faculty\<OU Root>-Faculty.Laptops
<OU Root>\Research Labs\<OU Root>-Research Labs.Computers
<OU Root>\Research Labs\<OU Root>-Research Labs.Desktops
<OU Root>\Research Labs\<OU Root>-Research Labs.Laptops
<OU Root>\Research Labs\<OU Root>-Research Labs.Users
<OU Root>\Research Labs\Sample Rlab\<OU Root>-Sample Rlab.Administrators
<OU Root>\Research Labs\Sample Rlab\<OU Root>-Sample Rlab.Computers
<OU Root>\Research Labs\Sample Rlab\<OU Root>-Sample Rlab.Desktops
<OU Root>\Research Labs\Sample Rlab\<OU Root>-Sample Rlab.Laptops
<OU Root>\Research Labs\Sample Rlab\<OU Root>-Sample Rlab.Users
<OU Root>\Staff\<OU Root>-Staff
<OU Root>\Staff\<OU Root>-Staff.Computers
<OU Root>\Staff\<OU Root>-Staff.Desktops
<OU Root>\Staff\<OU Root>-Staff.Laptops
<OU Root>\Teaching Labs\<OU Root>-Teaching Labs.Computers
<OU Root>\Teaching Labs\<OU Root>-Teaching Labs.Desktops
<OU Root>\Teaching Labs\<OU Root>-Teaching Labs.Laptops
<OU Root>\Teaching Labs\<OU Root>-Teaching Labs.Users
<OU Root>\Teaching Labs\Sample Tlab\<OU Root>-Sample Tlab.Administrators
<OU Root>\Teaching Labs\Sample Tlab\<OU Root>-Sample Tlab.Computers
<OU Root>\Teaching Labs\Sample Tlab\<OU Root>-Sample Tlab.Desktops
<OU Root>\Teaching Labs\Sample Tlab\<OU Root>-Sample Tlab.Laptops
<OU Root>\Teaching Labs\Sample Tlab\<OU Root>-Sample Tlab.Users

Group Memberships

Group Membership Description
<OU Root>-ACS Users --> <Parent OU>-ACS Users
<OU Root>-Allow RIS --> <Parent OU-Allow RIS
<OU Root>-Computer Admins --> <OU Root>-Allow RIS
<OU Root>-Computer Admins --> <OU Root>-Remote Assistants
<OU Root>-Desktops --> <Parent OU>-Desktops
<OU Root>-Desktops --> <OU Root>-Computers
<OU Root>-Laptops --> <Parent OU>-Laptops
<OU Root>-Laptops --> <OU Root>-Computers
<OU Root>-OU Admins --> <Parent OU>-Departmental OU Admins
<OU Root>-OU Admins --> <OU Root>-Allow RIS
<OU Root>-Users --> <Parent OU>-Users
<unityid>.admin --> <OU Root>-Computer Admins
<unityid>.admin --> <OU Root>-OU Admins
<OU Root>-Faculty --> <OU Root>-Users
<OU Root>-Faculty.Desktops --> <OU Root>-Desktops
<OU Root>-Faculty.Desktops --> <OU Root>-Faculty.Computers
<OU Root>-Faculty.Laptops --> <OU Root>-Laptops
<OU Root>-Faculty.Laptops --> <OU Root>-Faculty.Computers
<OU Root>-Research Labs.Users --> <OU Root>-Users
<OU Root>-Research Labs.Desktops --> <OU Root>-Desktops
<OU Root>-Research Labs.Desktops --> <OU Root>-Research Labs.Computers
<OU Root>-Research Labs.Laptops --> <OU Root>-Laptops
<OU Root>-Research Labs.Laptops --> <OU Root>-Research Labs.Computers
<OU Root>-Sample Rlab.Administrators --> <OU Root>-Sample Rlab.Users
<OU Root>-Sample Rlab.Desktops --> <OU Root>-Research Labs.Desktops
<OU Root>-Sample Rlab.Desktops --> <OU Root>-Sample Rlab.Computers
<OU Root>-Sample Rlab.Laptops --> <OU Root>-Research Labs.Laptops
<OU Root>-Sample Rlab.Laptops --> <OU Root>-Sample Rlab.Computers
<OU Root>-Sample Rlab.Users --> <OU Root>-Research Labs.Users
<OU Root>-Staff --> <OU Root>-Users
<OU Root>-Staff.Desktops --> <OU Root>-Desktops
<OU Root>-Staff.Desktops --> <OU Root>-Staff.Computers
<OU Root>-Staff.Laptops --> <OU Root>-Laptops
<OU Root>-Staff.Laptops --> <OU Root>-Staff.Computers
<OU Root>-Teaching Labs.Users --> <OU Root>-Users
<OU Root>-Teaching Labs.Desktops --> <OU Root>-Desktops
<OU Root>-Teaching Labs.Desktops --> <OU Root>-Teaching Labs.Computers
<OU Root>-Teaching Labs.Laptops --> <OU Root>-Laptops
<OU Root>-Teaching Labs.Laptops --> <OU Root>-Teaching Labs.Computers
<OU Root>-Sample Tlab.Administrators --> <OU Root>-Sample Tlab.Users
<OU Root>-Sample Tlab.Desktops --> <OU Root>-Teaching Labs.Desktops
<OU Root>-Sample Tlab.Desktops --> <OU Root>-Sample Tlab.Computers
<OU Root>-Sample Tlab.Laptops --> <OU Root>-Teaching Labs.Laptops
<OU Root>-Sample Tlab.Laptops --> <OU Root>-Sample Tlab.Computers
<OU Root>-Sample Tlab.Users --> <OU Root>-Teaching Labs.Users

Group Policies

Group Policy Description
<Root OU>-OU Policy
<Root OU>-Enable Remote Assistance
<Root OU>-Enable Remote Desktop

Delegation

Delegation Description
<Root OU> --> <Root OU>-OU Admins

Basic Setup

Organizational Units

OU Description
<Root OU> The departmental root OU is the top level OU delegated to the department or college. This OU should be named using the organization's common abbreviation. For example, the Department of Electrical and Computer Engineering uses the abbreviation, ECE, so its root OU should be named ECE.

This OU should be placed under the NCSU OU hierarchy corresponding to its place within NCSU's organizational hierarchy. For example, the Department of Electrical and Computer Engineering is part of the College of Engineering, so the Department of Electrical and Computer Engineering's OU should be created under the College of Engineering's OU.
<Root OU>\Departmental Users
<Root OU>\Departmental Users\OU Admins
<Root OU>\Software Packages
<Root OU>\Software Packages\Freeware
<Root OU>\Software Packages\NCSU Software
<Root OU>\Software Packages\<Root OU> Software

Users

User Description
<Root OU>\Departmental Users\OU Admins\<unityid>.admin Create an Administrator account for each desired IT staff member in the department. The account should be created in the <Root OU>\Departmental Users\OU Admins OU. These accounts will be given Administrator priveleges in the departmental OU and local administrator on all computers in the departmental OU.

Groups

Group Description
<OU Root>\<OU Root>-ACS Users
<OU Root>\<OU Root>-Allow RIS
<OU Root>\<OU Root>-Computer Admins
<OU Root>\<OU Root>-Computers
<OU Root>\<OU Root>-Desktops
<OU Root>\<OU Root>-Laptops
<OU Root>\<OU Root>-OU Admins
<OU Root>\<OU Root>-Users

Group Memberships

Group Membership Description
<OU Root>-ACS Users --> <Parent OU>-ACS Users
<OU Root>-Allow RIS --> <Parent OU-Allow RIS
<OU Root>-Computer Admins --> <OU Root>-Allow RIS
<OU Root>-Desktops --> <Parent OU>-Desktops
<OU Root>-Desktops --> <OU Root>-Computers
<OU Root>-Laptops --> <Parent OU>-Laptops
<OU Root>-Laptops --> <OU Root>-Computers
<OU Root>-OU Admins --> <Parent OU>-Departmental OU Admins
<OU Root>-OU Admins --> <OU Root>-Allow RIS
<OU Root>-Users --> <Parent OU>-Users
<unityid>.admin --> <OU Root>-Computer Admins
<unityid>.admin --> <OU Root>-OU Admins

Group Policies

Group Policy Description
<Root OU>-OU Policy
<Root OU>-Enable Remote Assistance
<Root OU>-Enable Remote Desktop

Delegation

Delegation Description
<Root OU> --> <Root OU>-OU Admins