Best Practices
The following are best practices from this chapter:
• Move your user and computer objects into an OU structure, as opposed to the default Users and Computers containers, because Group Policy objects cannot be applied to the container objects.
• Create critical OUs with Deletion Protection enabled, to avoid accidental deletion. Enable the Active Directory Recycle Bin to be able to recover OUs and their objects if they have been deleted.
• Keep the OU structure as simple as possible, and only expand on the design if there is a specific reason to do so.
• Do not nest OUs more than 10 layers deep when possible.
• Use the principles of role-based access control (RBAC) to control access to resources.
• Apply Group Policy to members ...
Get Windows Server® 2012 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
