An organizational unit (OU) is a container object that is used to organize objects within a domain. An OU contains objects such as user accounts, groups, computers printers and other OUs. OUs are created in the UBAD to contain objects (user, groups, computers, printers, etc) so they may be managed by OU administrators. OU administrators will assign rights to departmentally controlled resources and grant access privileges.
OUs can be used to group objects into a logical hierarchy that best suits the needs of the organization. OU structure can be based on departmental or administrative boundaries. In UBAD, OUs do not represent any particular organization or hierarchy of the Institution. UBAD’s OU structure does not imply or influence any organization within other directories.
Three first level OUs will be created in the Accounts Domain: People, Groups and ITOrg.
One first level OU (ITOrg) will be created in the Resource Domain consistent with the UBAD naming standard. The ITOrg OU will contain departmental OUs.
UBAD is limited to nesting 5 levels of OUs within UBAD Accounts and Resource domains for performance reasons.
IT organizations have full permissions within their OUs. Additionally, they have the ability to apply Group Policy to the 2nd and subsequent levels in the Resource Domain.
UBAD Accounts Domain Example
• People, Groups, ITOrg are 1st level OUs
• IT Organizations OUs are in green, 2nd level.
o SAIT is a department OU, for example
• IT Org prefixes are in blue, 3rd level
o PUBS is an administrative prefix within the
SAIT department OU
• PUBS-Admin is a department sub-OU, for
example, 4th level
UBAD Resource Domain Example
• ITOrg is 1st level OU (same as Accounts Domain)
• IT Organizations OUs are in green, 2nd level
(same as Accounts Domain)
• IT Org prefixes are in blue, 3rd level (same as
• Subsequent levels are named and maintained by
department OU administrator (orange text)