Active Directory OU The hierarchical structure of organizational domain

Protected by Copyscape Unique Content Check
Published: 01st December 2011
Views: N/A

An Active Directory structure contains various objects, resources and services that are a part of a large network. Of these, Active Directory OUs (organizational units) are highly useful objects which are associated with each domain within a network. These organizational units are objects that can be used to create containers within a domain in order to represent the logical structure of the organization. Within these OU containers, other objects like users, computers, groups, devices and even other organizational units can be incorporated. Unlimited number of objects can be configured to an organizational unit so as to scale up the network architecture.

However, no organizational unit can contain objects or other OUs of other domain, i.e., a domain in which the OU is not created. Active Directory OUs are also the smallest units in the entire AD structure, to which administrative authority can be delegated or Group Policy settings can be assigned. With the help of the Delegation of Control Wizard or the Authorization Manager Console, it is possible to assign administrative controls to any object of the organization unit. Therefore, we see that OUs are crucial hierarchical structure within a network and are important for successful network management. In order to create a new Active Directory OU, the steps mentioned below have to be followed:

1.Log on to the Domain Controller with Administrator privileges
2.Click Start> Programs> Administrative Tools and then click Active Directory Users And Computers
3.Right click the domain object in which the OU is to be created, point to Add and then click Organizational Unit


4.On the Toolbar, click Create New Organizational Unit


5.From the Action/ Context menu, select New and then click Organizational Unit
6.In the Name box of the New Object-Organizational Unit page type the name of the new OU and click OK

Once a new OU is created, it is possible to add other objects such as users, computer, groups and organizational units to it. Network management is however much more than just creating an organizational unit and configuring new objects to them. In dynamic business scenarios, administrators are also required to modify the OUs as per the changes in the organization, therefore modifying the attributes of OU. Using the Active Directory administration tools (Active Directory Users and Computers snap-in), it is possible to modify the OU attributes by following the steps mentioned underneath:

1.Click Start> Programs> Administrative Tools and then click Active Directory Users and Computers
2.Expand the domain
3.Click the organizational unit, and then click Properties on the Action menu
4.Click the tab for the organizational unit properties which you want to modify, and type in the values for each property

Managing Active Directory with the help of ADAM tools is no mean job and administrators are often baffled by the amount of complexity involved in network management through this way. Hence, to simplify the task, Active Directory OU management tools are developed. One such tool is the Lepide Active Directory Management and Reporting (LADMR), which offers a centralized platform to create, modify and manage OUs in different domain along with the objects contained in the OU containers.

Highly scalable organizational units can be managed and system information (system BIOS version, CPU resource, job scheduling, logged on users, etc.) can also be easily collected with the help of this software. Furthermore, administrators are able to view network specific information like DNS, Network Card and environment variables to help them with network management. In addition to all these facilities, this software is capable of generating criteria based reports about the Active Directory OUs, containing details of the entire logical structure of a domain. For more information about the software, please visit

The author of this article is a senior database administrator with more than a decade of experience in working on Windows Active Directory platform. In this article the author has explained all about Active Directory OU and how they are an important component of network management.

This article is copyright

Report this article Ask About This Article

More to Explore