Situation
I inherited the active directory setup and structure. On one look over, it was apparent that it was poorly maintained, with poor structuring. Too many OU’s and anything that was implemented was done by hand.
Task
My main task was to get the structure under control and easy to understand. This meant stripping everything back behind the scenes. I then had to create apply and monitor group policies to increase automation throughout the company.
Action
- Plan the structure of the Active Directory to fit to a standard
- Implement the new structure without making changes to the current OU’s and Users & Computer setups
- Create new GPO’s to fit security standards and promote automation of deployments such as icons, printers etc.
- Test the new structure with GPO’s active
- Fix any bugs found within the testing stage
- Slowly move users across to the structure, with a scheduled time frame, allowing time for issues to arise and be fixed.
- Remove remnants of previous structure to prevent further confusion.
Result
The whole project took about 3 months to complete and was a full-time effort. The end result allowed us to have an Active Directory setup that was on part to any other company. Allowing us to clearly see different companies, a separated area for disabled accounts and a split between computers and users allowing a way to break down GPOs.