Active Directory

Just a few notes about the current state of our AD. 4/09/2009

Located on Ford.

Everything you might need to do on a daily basis can be accessed from Start-Administrative Tools, Active Directory Users and Computers or Group Policy Management.

Active Directory Users and Computers Notes

Most of the OU's (Organizational Units) are self explanatory as to what should be contained in them.

Ideally, computers should be in the correct OU, however, that hasn't really happened. All computers that are added to the domain are placed by default into the Computers OU. From there it would be nice to properly maintain OU's for servers, faculty workstations, labs, etc. To some degree this has been done but should the Directory be rebuilt, that would be a prime opportunity for this to be done.

Users for the most part are organized fairly well. -The Staff OU is obsolete (not to be confused with the Office->Staff container) -The Users OU contains some general user accounts, i.e. the Administrator account

Group Notes

Group Policy Management

def: GPO (Group Policy Object)

My knowledge of Active Directory was fairly limited so I apologize for anything that seems inefficient. I've created/edited several policies, here are some notes on them:

Our login scripts are located on Ford at C:\WINDOWS\SYSVOL\sysvol\w2k.cis.ksu.edu\Scripts

login.bat calls a series of VB scripts, which also use a python script. Each of the scripts is aptly named. I've fixed the logon_maps.vbs script so that it works correctly now, however, the other scripts may need to be revamped in order for them to work properly i.e. the printer mapping script.