Good Afternoon,
http://www.mail-archive.com/[email protected]/msg28979.html
Coincidentially I have been thinking about AD structures and the depth or complexitiy of them. I was hoping to explore this topic in a bit greater detail. My scenario is, I am involved with desktop administration, but currently do not do the hands on design/policy implementation. This is what I would term a "black hole" in our organization.
I am suggesting changes to the AD structure to the management groups followed by delegation of polcy right to allow us to perform the functions that IMO are vital. The current structure stops at the location level with only desktops, servers, users, laptops below each location. Thus all business units would get the same policies, however the operations of the units do not currently allow that (nor does the current company culture), thus we are hampered on taking many necessary actions for managing a medium sized organization due to the wider impact at the location level.
My example:
Root domain
<Region Domain (e.g. North America, etc.)>
<Location>
<Business Unit>
Desktop
Laptops
Users
<Business Unit>
Desktop
Laptops
Users
<Business Unit>
Desktop
Laptops
Users
<Location>
This is a structure I am proposing to increase the manageability of our environment with policies, sofitware assignments, and IMO a more logical structure.
Questions:
Any comments on the structure?
What is considered a deep structure?
What is considered too deep a structure?
How many here are running a deep structure?
Any problems or caveats to this?
Can anyone provide some links to resources covering pros and cons of different structures?
I am new to this list and will be searching the archives in detail as I get more time, however if this has been covered and someone has a quick link handy please let me know.
