OU Strategy

Purpose

The OU structure supports delegation, Group Policy targeting and administrative separation.

Initial OU structure

corp.gntech.lab
├── Admin
│   ├── Tier0
│   ├── Tier1
│   └── Tier2
├── Users
│   └── HQ
├── Groups
├── Computers
│   ├── Workstations
│   ├── Laptops
│   └── Kiosks
├── Servers
│   ├── Domain Controllers
│   ├── Infrastructure
│   ├── Application
│   └── File Servers
├── Service Accounts
└── Staging

Rules

• Do not leave production objects in default Users or Computers containers.
• Apply GPOs to purpose-built OUs.
• Use Staging for new or unclassified objects.
• Keep Tier 0 administrative accounts separate.