As we are aware, AD contains different types of objects, such as users, groups, and computers. It is possible to group these different types of objects into separate OUs and manage them. Each of these types can be further categorized into child OUs based on geographical location or roles and responsibilities:
In the preceding diagram, OUs are mainly categorized based on the Users and Computers object types. The Users OU is further categorized into Administrators and Standard users. These were based on the privilege level and each object's responsibilities within the organization. The Computers OU got the child OU for Servers. It plays a different role than other computer objects, such as desktops/laptops. It was further categorized based on workloads' geographical locations.
The following table lists the advantages and disadvantages of the object type model:
|
Advantages |
Disadvantages |
|
Flexibility: It gives greater flexibility when it comes to categorizing objects. Under each object type, you can categorize objects further based on roles, responsibilities, geographical locations, teams, departments, and more. |
Complexity: As this model gives freedom to engineers to categorize objects using many options, the structure can get complex to maintain. There is no limit to the number of levels OUs can break into, but when the number of levels increases, management gets complex too. |
|
Easy management of AD objects: The core value behind this model is the easy manageability. That's why it can use many methods to categorize objects. When objects are categorized into small administrative boundaries, it's easy to manage the objects in every aspect. |
Structural changes are difficult: If there is a requirement to change the structure of OUs, it will be difficult as more tailored settings and delegated controls are applied to the objects. In structural changes, these specific settings will need to move with objects as well. |
|
Extensibility: Since the model allows you to use a large number of options for categorized objects, it has greater extensibility to implement future organizational requirements with minimum impact. |
N/A |
|
Use of group policies: More tailored group policies can be applied to objects as categorization is more granular. |
N/A |