Skip Navigation Links 

U of A University Information Technology Services

Was this page helpful?
 [+]





...Or log into AskIT
and request help.

 

Managing Active Directory Domain Security Groups with an Organizational Unit (OU)

What is an Active Directory Organizational Unit (OU)?

A good use of an OU is the ability to create security groups. Using groups you can make references to groups of individuals that are members of that group when assigning permissions to files and granting access to workstations or other resources.

In order to create Security Groups you will need to get an OU created if your department does not already have one. This can be done by submitting an AskIT help request with the subject of "Create Organizational Unit for my department." When the case is assigned you will be contacted by IT Services personnel to get the necessary information to complete your request. If your department already has an OU, the existing OU admin can create another OU within that space and grant access to it.

Once your OU has been created, you will need to install the Active Directory Management Tools on your Windows XP or Windows Server 2003 computer.

To add a group:

  1. Open Start, Administrative Tools, Active Directory Users and Computers
  2. Navigate to your OU
  3. Click Action, New, Group
  4. Leave it set at the default options
  5. Fill in the group name and information and click OK to complete the process.
    Note: It is strongly recommended that group names start with the 4 letter departmental code followed by a dash with the basic description. Groups are domain wide, so, for instance, only one group can be named "technicians", whereas there can be a group called "dept1-techs" and another called "dept2-techs" to allow for flexibility.

    To add members to a group, double-click on the group in AD Users and Computers, Members tab, and click Add. If you add someone to a group, it is possible they may not be able to access the group resources until they log out and log back in on their workstation.

    To grant the group access to resources, fill in the appropriate group name in the form of gacl\groupname in the security tab of the object you are granting that group membership to.

    Further training on managing Organizational Units is available upon request.

 
 
Thank you for visiting ITS. This page can be found at:
http://uits.uark.edu/online/network/index_4669_ENG_HTML.htm
Follow us with RSS   Bookmark us using Add This   Follow us on facebook   Follow us on twitter   Follow Us