General discussion
Thread display: Collapse - |
All Comments
Start or search
Create a new discussion
If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
Login scripts and AD Design
We have a pretty straightfoward architecture.
4 Companies under the same Domain.
13 Sites under each company
0 to 10 Divisions under each site
0 to 5 Departments under each division
X users under each department
What I intended to do is create security groups like this
Company_Site_Divison_Sales_Rep (8 persons in this group)
Company_Site_Divison_Sales_Secretary (1 person in this group)
Company_Site_Divison_Sales_Managemet (1 person in this group)
Then include those 3 groups in Company_Site_Division_Sales
Then include this group in Company_Site_Divison. Etc, etc.
My OU structure now stops at the Site level (i.e.: Company1 - Site1, Company1 - Site2, etc.)
1. Is this a good way to manage security?
2. How should I go around to map my printers and network drives?
I've read about GPO filtering but it looks like a lot of maintenance. I was thinking about writting one script and applying it to the domain with a GPO and in the script test to determine group membership until I trickle down to the lowest group. Is this going to slow down my logon process a lot?
Or should I just drill down the GPO to the Rep, Secretary and Management level and apply the script directly on the OU? I'm a bit lost here.
Thanks for any input.