Active Directory By the Numbers: Windows Server 2003

Tutorial: Organizational Units (OUs)

Thus far, we have created nine users and divided them into three groups. We now add the last step of organization: the organizational unit , or OU .

For this portion of the tutorial, we assume that our three departments (Art, Accounting, and Marketing) all live in one huge building, but reside in different wings of that building:

We can use OUs to structure our Active Directory based on this physical arrangement of departments, allowing us to create OUs for each wing of the building.

  1. Back in Active Directory Users and Computers, click guinea.pig once in the left column. Our users and groups still appear scattered about in the right pane.

  2. Right-click any empty, white space in the right column, point to New , and click Organizational Unit .

  3. The New Object - Organizational Unit dialog box appears. In the Name field, type North Wing . Click OK .

  4. A new folder named North Wing appears in the left pane. Click it once. This is our first OU. The right pane shows the contents of the North Wing OU. Since this is a new OU, the right pane is empty. On the right pane, right-click, point to New , and click Organization Unit .

  5. Once again, the New Object - Organizational Unit dialog box appears. In the Name field, type Users and click OK . This creates an OU within an OU, much like creating a folder within a folder. In the left pane, notice that a new folder icon named Users has appeared under the North Wing folder.

  6. In the left pane, click the North Wing folder once. In the right pane, the contents of the North Wing appears. Notice that it is no longer empty, but now contains the second OU named Users. Right-click any blank area, point to New , and click Organizational Unit .

  7. Enter the name Groups for this new OU and click OK .

  8. Click the guinea.pig icon in the left column once again. Create another OU called South Wing , and place two more OUs inside of it named Users and Groups .

  9. Repeat this process for an OU named East Wing , again placing two OUs inside named Users and Groups. When you finish, the left column should appear similar to this:

    The next step is to place our mass of users and groups into these OUs, so that they are not scattered about the guinea.pig domain.

  10. Single-click guinea.pig in the left pane. In the right pane, select the Marketing group 's icon and drag it to the Groups folder that we created inside the South Wing folder in the left pane ( Note: do not drag it to the main Users folder in the left pane ).

  11. Back in the right pane, select the three users belonging to the Marketing group, and drag them to the Users folder inside the South Wing folder in the left pane ( Note: do not drag them to the main Users folder in the left pane ). For the example here, recall that we named these users Shirley Knot, Tye D. Knot, and Tye Dye .

  12. Repeat these two steps for the remaining users and groups; move the Accounting group and its users to the North Wing Group folder and North Wing Users folder, respectively, and the Art group and users to the corresponding folders in the East Wing .

Your users and groups are now organized inside multiple levels of Organizational Units. Later in Chapter 4, we discuss how to apply rules to OUs that can govern how much (or how little) control users may have over their computers.

Get Info

Now that you know how to create users, groups, and organizational units, you may want to be a bit more direct in your organizational process. For example, instead of creating the users and groups first and then moving them to the OUs, you can create an OU, click inside it (on the left pane), and create the users and groups directly inside the OU (in the right pane). This saves you the steps of first creating the users and groups and then moving them to the OU.

Категории