IT Professionals: Active Directory Organizational Unit Structure & Roles
- Robert Morrell
- Sarah Nguyen (Deactivated)
- Former user (Deleted)
Active Directory (AD) is a Microsoft technology used to manage computers and other devices on a network.
An Organizational Unit (OU) is a subdivision within an AD into which user objects, group objects, computer objects can be placed.
IT professionals can learn about how the structure of workstation organizational units is designed and what roles are available for those organizational units in the Managed Workstation Service.
Managed Workstation Top Level Organizational Unit
The top-level Active Directory Organization Unit (AD-OU) for computer objects (workstations) in the Managed Workstation Service is located at grove.ad.uconn.edu/UConn/Managed_Workstation/Managed_Workstation/Workstations.
Standard Naming Format and Descriptions of Descendant Organizational UnitsÂ
Descendant AD-OUs in Managed Workstation are configured flat (e.g., only one level below top-level organizational unit) to allow for granular permissions and ease of management.Â
The name of the AD-OU is the name of the functional area/purpose. If required, it can be prefixed with the support area/division or appended with the campus and/or University building code for location.Â
The description field of the AD-OU indicates whom local support is provided by.Â
Example OU Names and DescriptionsÂ
Department NameÂ
Academic_Center_for_Exploratory_Students
Division/Department and Building Location
Division_of_Athletics_BFFC
Function with Campus / Building
High_Technology_Classrooms_Storrs_OAK
Department with Function
University_Libraries_Loaner_Laptops
Support Area with Department
NorthWestIT_Facilities_Operations
Example Description
Supported by Information Technology Services Device Support
Example Layout
Available Roles & Permissions for Descendant Organizational Units
Role | Permissions |
|---|---|
Computer Managers |
|
Local Admins |
|