An organizational unit (OU) is a container object that is used
to organize objects within a domain. An OU contains objects such as
user accounts, groups, computers printers and other OUs. OUs are
created in the UBAD to contain objects (user, groups, computers,
printers, etc) so they may be managed by OU administrators. OU
administrators will assign rights to departmentally controlled
resources and grant access privileges.
OUs can be used to group objects into a logical hierarchy that
best suits the needs of the organization. OU structure can be based
on departmental or administrative boundaries. In UBAD, OUs do not
represent any particular organization or hierarchy of the
Institution. UBAD’s OU structure does not imply or influence
any organization within other directories.
Three first level OUs will be created in the Accounts Domain: People, Groups and ITOrg.
One first level OU (ITOrg) will be created in the Resource Domain consistent with the UBAD naming standard. The ITOrg OU will contain departmental OUs.
UBAD is limited to nesting 5 levels of OUs within UBAD Accounts and Resource domains for performance reasons.
IT organizations have full permissions within their OUs. Additionally, they have the ability to apply Group Policy to the 2nd and subsequent levels in the Resource Domain.
UBAD Accounts Domain Example
UBAD Resource Domain Example