About the OU thing, is what you are asking for, that you should basically be able to make the OU just a normal security group?
-B On Tue, 2 Aug 2005, WILLIAMS, J.D. wrote: > I dislike OUs not being able to act as security principals (right > terminology?) I'd like to assign rights on various objects to OUs as well as > groups and individuals. > > I second Joe's gripe about branch replication > > JD > > > -----Original Message----- > From: joe [mailto:[EMAIL PROTECTED] > Sent: Tuesday, August 02, 2005 11:25 AM > To: [email protected] > Subject: [ActiveDir] Biggest AD Gripes > > So what are everyone's biggest AD Gripes? I am not talking about gripes > about things that use AD like GPOs[1] or Exchange or NFS or anything else > like that. I mean actual AD really missed the boat because of this that or > the other thing. > > Like > > o I dislike that when you defunct an attribute it doesn't purge the > information in the directory for that attribute. > > o The fact that AD Security policy is managed through a technology dependent > on AD and replicates both within AD and the other technology. > > o I dislike that there is no true schema delete. > > o I dislike the fact that I can't specify which branches of the tree > replicate where. > > o I dislike the fact that GUIDs are represented in multiple ways in the > directory. > > o I dislike the implementation of property sets especially since they could > be so incredible awesomely cool. Specifically I dislike that an attribute > can only be in a single property set. > > o I dislike creator/owner on SDs. > > o I dislike the lack of configurable business rules. > > o I dislike the fact that I can't run multiple domains on a single domain > controller. > > > > Etc etc. I have more but lets see what others say. Everyone pipe up. Let's > pretend that MS will actually see this, let's further say let's pretend MS > AD Developers will see this. What would you tell them if you were sitting in > the room with them? > > > > joe > > > > > > [1] I do not consider GPOs to be part of AD. They are a technology that > leverages AD. > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
