1
00:00:06,430 --> 00:00:15,640
As an important administrative component in your Active Directory Domain O YOuth enable you to partition

2
00:00:15,690 --> 00:00:21,820
air and organize domain objects into a hierarchical structure.

3
00:00:21,820 --> 00:00:29,530
O use can help you to delegate rights to administrative groups enabling them to administer certain objects

4
00:00:29,530 --> 00:00:33,800
or attributes of objects below that or you.

5
00:00:33,820 --> 00:00:43,600
It helps you to apply group policies to users and computer objects below that of you and it helps you

6
00:00:43,600 --> 00:00:50,740
to create a hierarchy that enables you to administer the objects in the domain quickly.

7
00:00:50,740 --> 00:00:55,710
There are several strategies for design and O use structures.

8
00:00:55,720 --> 00:01:03,940
Let's take a look at the O you design strategies that are the most common location based strategy.

9
00:01:03,940 --> 00:01:09,940
This strategy uses locations for reached top level or you in the root of the domain.

10
00:01:09,940 --> 00:01:17,620
These location based o use are the main organizational element of the O use structure.

11
00:01:17,620 --> 00:01:26,590
For example a datum corporation might use a location based strategy to create a use for reach of its

12
00:01:26,770 --> 00:01:36,040
physical locations in London Toronto and Sydney and then create additional or use for their branch distribution

13
00:01:36,040 --> 00:01:37,030
centers.

14
00:01:37,030 --> 00:01:45,370
Each aided yes a resource such as user groups and computers is located in the O U that corresponds to

15
00:01:45,370 --> 00:01:48,700
the location where the resource resides.

16
00:01:48,700 --> 00:01:58,300
The location based strategy is common when each location operates relatively independently or when many

17
00:01:58,300 --> 00:02:03,090
tasks are delegated to centralized administrators.

18
00:02:03,100 --> 00:02:10,340
For example the administrative staff in London can perform the main administrative duties.

19
00:02:10,400 --> 00:02:18,610
Administrators in Sydney or Toronto have some delegated rights like accessing their users groups and

20
00:02:18,610 --> 00:02:20,190
computers quickly.

21
00:02:20,230 --> 00:02:27,430
It is advantages for the local staff to fulfil some administrative duties across different types of

22
00:02:27,610 --> 00:02:29,770
objects in the same branch.

23
00:02:29,770 --> 00:02:37,180
In addition you do not have to move objects frequently between the top level or use unless the objects

24
00:02:37,180 --> 00:02:39,570
move to another physical location.

25
00:02:39,610 --> 00:02:47,560
Moving objects to another physical location likely requires moving home folders or Microsoft Exchange

26
00:02:47,560 --> 00:02:49,260
Server mail boxes.

27
00:02:49,300 --> 00:02:57,520
The location based gratitude also works well for organisations that expect to expand into new locations

28
00:02:57,730 --> 00:03:02,560
because you can add new locations easily to the O use structure.

29
00:03:02,560 --> 00:03:06,280
The next strategies resource based strategy.

30
00:03:06,280 --> 00:03:12,920
This strategy relates to the functions of resources that are in the O use structure.

31
00:03:13,060 --> 00:03:21,760
Typically use separate resources by function or objects by type and you create or use to represent these

32
00:03:21,760 --> 00:03:22,650
functions.

33
00:03:22,660 --> 00:03:31,130
For example some common top level or use are servers workstations groups and to users the resource base

34
00:03:31,130 --> 00:03:39,250
strategy is common in smaller organisations in organisations that administrative staff maintain sir

35
00:03:39,310 --> 00:03:47,080
centrally and their administrative delegation is based on the object type rather than on their location

36
00:03:47,080 --> 00:03:48,400
or department.

37
00:03:48,400 --> 00:03:57,400
Examples of this administrative groups include helpdesk clients support virtual administration and application

38
00:03:57,400 --> 00:04:00,910
specific support in large organisations.

39
00:04:00,910 --> 00:04:08,570
It is likely that those top level 0 use are more defined in the next subordinate level.

40
00:04:08,620 --> 00:04:16,990
For example the sorrow or so you might contain child or use named after their applications such as Microsoft

41
00:04:16,990 --> 00:04:21,160
Exchange Sara or Microsoft sequel server.

42
00:04:21,220 --> 00:04:25,180
The next strategy is organisation based strategy.

43
00:04:25,180 --> 00:04:33,430
This strategy reflects the structure of the organisation's business logic top level or use represent

44
00:04:33,430 --> 00:04:40,030
departments within the organisation such as sales research or finance.

45
00:04:40,030 --> 00:04:47,950
This strategy works well if resources move frequently or if they are not affiliated with a physical

46
00:04:47,950 --> 00:04:52,960
location and if there are few employees changes between departments.

47
00:04:53,020 --> 00:05:00,250
You should consider this strategy when administrative tasks are delegated on a per department basis

48
00:05:00,460 --> 00:05:02,840
rather than a publication base.

49
00:05:02,860 --> 00:05:11,940
For example an organisation with Neverland sales teams and other units that are not location bound would

50
00:05:11,940 --> 00:05:15,700
benefit from an organization based strategy.

51
00:05:15,720 --> 00:05:24,270
However this strategy is not a good choice for organizations that frequently rely on their business

52
00:05:24,270 --> 00:05:29,080
model or that encourage employees to shift between roles.

53
00:05:29,100 --> 00:05:33,520
The next strategies multiple tenancy based strategy.

54
00:05:33,570 --> 00:05:41,100
This strategy is suitable for organizations that required the active directory infrastructure the service

55
00:05:41,280 --> 00:05:43,320
to other organizations.

56
00:05:43,320 --> 00:05:51,270
This might be a group of affiliated organizations that share the same domain a hostage environment and

57
00:05:51,270 --> 00:05:56,130
outsourced environment or remain a private or public cloud provider.

58
00:05:56,130 --> 00:06:03,630
This strategy is appropriate when one organization maintains the Active Directory infrastructure while

59
00:06:03,720 --> 00:06:11,730
another organization manages certain Active Directory objects or if the first organization relies completely

60
00:06:12,090 --> 00:06:16,040
on the administrations of the host in the organization.

61
00:06:16,050 --> 00:06:25,500
For example a datum might maintain 80 days for tree research and control so tree research might want

62
00:06:25,500 --> 00:06:35,010
to administer their users groups and computers or use independently but might not want to manage Active

63
00:06:35,010 --> 00:06:44,880
Directory replication and DNS control also relies full the I.T. staff from a datum for all these tasks.

64
00:06:44,880 --> 00:06:53,340
In this scenario a region would create a top level or you for I.T. services where they maintain all

65
00:06:53,340 --> 00:07:01,260
administrative accounts and group sound top level or use named a datum control store and trade with

66
00:07:01,260 --> 00:07:10,380
storage for reach of the managed organizations under lease or use regular user group workstations and

67
00:07:10,590 --> 00:07:19,530
perhaps server accounts are represented as deeper level the I.T. staff of the trade research would maintain

68
00:07:19,560 --> 00:07:25,410
their own account set design in their multiple tenancy based strategy.

69
00:07:25,410 --> 00:07:33,960
It is possible to allow different tenants to work together or to create privacy settings so that each

70
00:07:33,960 --> 00:07:37,170
organization sees its own resources.

71
00:07:37,290 --> 00:07:44,790
In this strategy include and or a separate a new organizations can be straight forward process and the

72
00:07:44,790 --> 00:07:48,150
last in our list is hybrid strategy.

73
00:07:48,150 --> 00:07:55,440
This strategy uses a combination of all use based on location organization and resources.

74
00:07:55,500 --> 00:07:59,920
The multi tenancy based strategy is also a hybrid strategy.

75
00:07:59,960 --> 00:08:07,650
Are other hybrid strategies might decide the locations at the top level and separate objects types on

76
00:08:07,650 --> 00:08:08,830
the next level.

77
00:08:08,850 --> 00:08:14,110
The structure of the hybrid strategy depends on the organizational requirements.

78
00:08:14,130 --> 00:08:22,890
For example the server so you could contain or use for file servers IRS Sequel Server Exchange server

79
00:08:23,220 --> 00:08:32,040
and other application servers the user or so you might contend location or department or use the workstation

80
00:08:32,070 --> 00:08:40,140
so you might distinguish between desktop and laptops and the group so you could incorporate department

81
00:08:40,410 --> 00:08:48,720
location project or application specific groups regardless of which strategy you use to design your

82
00:08:48,900 --> 00:08:50,460
or your structure.

83
00:08:50,460 --> 00:08:58,860
Always remember that the main purpose is to enable the implementation of an Active Directory administrative

84
00:08:58,860 --> 00:09:03,760
tasks modal a second priority might be group policy.

85
00:09:03,810 --> 00:09:11,490
It is also recommended separated administrative accounts and groups from regular user accounts and groups

86
00:09:11,820 --> 00:09:15,180
that delegated administrators might administer.