Home > Articles

  • Print
  • + Share This
This chapter is from the book

Best Practices

  • Move your user and computer objects into an OU structure.

  • Keep the OU structure as simple as possible.

  • Do not nest OUs more than 10 layers deep.

  • Keep the number of OUs to a minimum.

  • Apply Group Policy to groups through Group Policy Filtering.

  • Use domain local groups to control access to resources, and use global groups to organize similar groups of users.

  • Use distribution groups to create e-mail distribution lists in environments with Exchange 2000.

  • Mail-enable security groups if separation of security and e-mail functionality is not required.

  • Don't simply delete and re-create groups on the fly because each group SID is unique.

  • Don't include users from other Mixed mode domains in a forest in universal groups.

  • Don't utilize local groups for permissions in a domain environment.

  • + Share This
  • 🔖 Save To Your Account