No. THOSE guys I leave alone. I have not had any reason to-date to apply unique policies to any default account.
D�j� Ak�m�l�f�, MCSE MCSA MCP+I www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Kinnamon Sent: Tuesday, June 10, 2003 11:23 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OU and GPO Design Comments Do you still store groups that are created by default (such as Exchange groups or built-in groups) in the Users container? ... 'Cause I had big problems when I tried to move an Exchange Admins group during initial deployment. Dave -----Original Message----- From: deji [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 10, 2003 12:06 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OU and GPO Design Comments Looks intelligent to me :) Mine is more like: |--Branches |--Enterprise |--Users |--Computers |--Groups |--HR |--Users |--Computers |--Groups |--Engineering |--Users |--Computers |--Groups |--Executives |--Users |--Computers |--Groups Enterprise contains EVERYTHING that is common to all the Departments. Each Department contains what is common to it. The driving force behind the design decision is the need to "EXCLUDE" Engineering and "special interests" from ANYTHING that MAY impact their operations. Management's call, not mine. The moral of my story - I have yet to see an absolute standard for OU design. Your design will be driven mostly by your corporate goals (and politics). As long as you understand the OU concept and what it's intended for, I'd say you are in the clear. D�j� Ak�m�l�f�, MCSE MCSA MCP+I www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Monday, June 09, 2003 9:04 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] OU and GPO Design Comments I'm interested in feedback on the following OU and GPO design. Simple OU structure, something like: |--Branches |--Users |--Computers The "Users" OU would hold around 5000 users and the "Computers" OU an equal amount of workstations and servers. GPO's would be created for the users and linked to the OU, but only applied to certain global groups that the users would be members of. Similar for the computers. There would be an "All Users" and "All Computers" GPO with global settings, then more granular GPO's for departmental specific settings. Almost all administration would be done centrally, so there should be little need for delegation. This seems like it should be simple and effective, but we haven't tried it real-world, so I'm curious if people have any thoughts on possible gotcha's, issues, etc. -- David List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
