[Semibug] Active Directory

Jeremy Gransden jeremy.gransden at gmail.com
Wed Aug 30 07:37:15 EDT 2017

This is sortof off topic but I'm hoping that someone here can give me
some insights.

I work with roughly 80 Windows desktops in addition to the FreeBSD and
Linux(boo!!) servers that I manage. I have recently setup (via samba)
an  active directory domain to join the desktops to. I have been
playing with it and have joined a few of our computers to it. It seems
to be way easier to manage the windows machines through it and I think
I'd like to roll it out to the rest of the computers in my network.

One of the features that I like is the roaming profiles. Not so much
for the roaming but more for the fact that it puts the users
"Documents" on the server where it will be easier to backup.

If I want to add the other computers to the domain Ill need to plan
out the structure of the OU's, migrate local users to domain users,
change to Windows ACLs on my fileshares, etc.

What is the best way to layout the structure? I currently have 8
stores and was thinking of having an OU for each store and then an OU
within each store for computers and one for the users in that store.
That way I could apply group policy on the whole in the parent OU for
the stores or at an individual store, user or computer level.

What should I look out for when setting this up?

Any advice would be greatly appreciated.


More information about the Semibug mailing list