OUs are key container objects in which you can group classes of objects. OUs can, for example, contain objects such as user accounts, printers, computers, files, shares, and even other OUs. Figure 2-14 illustrates the "containerization" of a group of user accounts into an OU.
The OU is a welcome addition to network management in Windows Server 2003, as it was in Windows 2000. In Active Directory, you can create these containers to reflect your enterprise or organization. To illustrate, we re-created the organizational chart of a major U.S. city and merged it into the domain of a cyberspace city called Millennium City. This will become the sample enterprise we will return to during later discussions of Active Directory.
The organization chart on the left in Figure 2-15 shows the hierarchy of departments and divisions in Millennium City at the time a directory for this organization was being contemplated. You can see that the chart shows a diverse collection of departments, both local and geographically dispersed, and various sites and services. On the right in Figure 2-15, the same organizational chart is represented with OU objects in Active Directory.
In any domain on the domain path, you can create organizational units, and inside these organizational units you can create group, user, and computer objects. You can also add custom objects to the domains and OUs. Active Directory also enables you to create any end point or leaf object outside the OU.
Figure 2-15: The left side of the figure represents an organizational chart. The right side represents the same organizational chart as an object hierarchy in Active Directory.
Was this article helpful?