Do policies change for the same Business Unit from location to location? I would much prefer to see an OU structure like:
Domain -> Business Unit -> Desktop/Laptop/User If there are Policies that really do need to be applied by location I might look at making a GPO for that Site instead of by OU. Are you concerned that the depth you are proposing here would cause issues? If so, then you can feel safe that this is not an overly deep structure and is of a fairly common depth. Phil On 5/24/05, Dave Hochstaetter <[EMAIL PROTECTED]> wrote: > > > Good Afternoon, > > > A specific item was brought up in the following thread regarding deep AD > structures, > > > http://www.mail-archive.com/[email protected]/msg28979.html > > > > Coincidentially I have been thinking about AD structures and the depth or > complexitiy of them. I was hoping to explore this topic in a bit greater > detail. My scenario is, I am involved with desktop administration, but > currently do not do the hands on design/policy implementation. This is what > I would term a "black hole" in our organization. > > > > I am suggesting changes to the AD structure to the management groups > followed by delegation of polcy right to allow us to perform the functions > that IMO are vital. The current structure stops at the location level with > only desktops, servers, users, laptops below each location. Thus all > business units would get the same policies, however the operations of the > units do not currently allow that (nor does the current company culture), > thus we are hampered on taking many necessary actions for managing a medium > sized organization due to the wider impact at the location level. > > > > My example: > > > > Root domain > > <Region Domain (e.g. North America, etc.)> > > <Location> > > <Business Unit> > > Desktop > > Laptops > > Users > > <Business Unit> > > Desktop > > Laptops > > Users > > <Business Unit> > > Desktop > > Laptops > > Users > > <Location> > > > > > > > > This is a structure I am proposing to increase the manageability of our > environment with policies, sofitware assignments, and IMO a more logical > structure. > > > > Questions: > > > > Any comments on the structure? > > What is considered a deep structure? > > What is considered too deep a structure? > > How many here are running a deep structure? > > Any problems or caveats to this? > > Can anyone provide some links to resources covering pros and cons of > different structures? > > > > I am new to this list and will be searching the archives in detail as I get > more time, however if this has been covered and someone has a quick link > handy please let me know. > > > Thanks > > Dave List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
