G
Guest
Here's what I have trouble with in AD..
At our accounting firm we have ~100 users that should have different access settings. Partners, Managers, Staff, Support Staff, Interns, etc... Some use LapTops and some use desktops. Some staff work exclusively in one area of accounting while others work in multiple. Auditing, bookkeeping, taxation, royalties, estates, etc..
My question is... when do I use groups? when do I use OUs? where should the GPOs be? what's the difference between a GPO at the domain level applied to a group, or a GPO at an OU level? (I know that one difference is the order in which Group Policies are applied
should i group by position first, then job role or vice versa?
If the royalty department uses only laptops, do i apply royalty-specific settings to the users or the computers
You see where I'm getting with all of this? My network is very small, but I would like to redesign it, because right now everyone is just in Users and I want to further my knowledge of AD and AD design
thanks for all your hel
At our accounting firm we have ~100 users that should have different access settings. Partners, Managers, Staff, Support Staff, Interns, etc... Some use LapTops and some use desktops. Some staff work exclusively in one area of accounting while others work in multiple. Auditing, bookkeeping, taxation, royalties, estates, etc..
My question is... when do I use groups? when do I use OUs? where should the GPOs be? what's the difference between a GPO at the domain level applied to a group, or a GPO at an OU level? (I know that one difference is the order in which Group Policies are applied
should i group by position first, then job role or vice versa?
If the royalty department uses only laptops, do i apply royalty-specific settings to the users or the computers
You see where I'm getting with all of this? My network is very small, but I would like to redesign it, because right now everyone is just in Users and I want to further my knowledge of AD and AD design
thanks for all your hel