Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Creating a New Organizational Unit (OU) in Active Directory

            Modified on Thu, Oct 3, 2019 at 12:50 PM

            If a new department/location is created in the bank, they typically will need their own OU in AD and a new folder on the G:\ drive. Printers and other group policy settings can be customized by area. To create this new group, follow the steps below.

            1. Inform Engineering Team

              Let Matt Feightner know you will be creating a new OU (under FFL\HQ, for example), creating a new G:\ level folder, and modifying a GPO. One or more of these impacts a backup process, so need to give the engineers a heads-up before proceeding.

            2. Create the OU
              Create a new OU in Active Directory under the appropriate group (HQ, Branches, etc.). The name should not contain spaces (e.g. Electronic Banking would be ElectronicBanking).

            3. Create Subgroups
              Within the new OU, create three more OUs for Computers, SecurityGroups, and Users.

            4. Move Users
              Move the employees of this new department/area from where they are currently into the Users OU.

            5. Move Users' PCs
              Move the users' computers into the Computers OU.

            6. Create Security Group
              Create a new group called Share_Access_(department name - no spaces) in the SecurityGroups OU. Make sure you add a description: "Modify access to G:\(department name). Add the new department manager into the Managed By field.

            7. Move/Create G:\ Drive Folder
              If the new department's folder already exists within an existing department, move it from its current location into G:\. Make sure it contains no spaces.
              If the department needs a new folder, create it in the top level of G:\ (no spaces in department name).

            8. Modify Folder Access
              Change the security on the new folder so that these groups have access:
              a. Share_Access_(department name)
              b. ScannedDocuments-W (list access)
              c. Earth\Administrators (full control)

            9. Open & Modify GPM
              Open Group Policy Management and find RemovableStorageDisable under Group Policy Objects.
              Add ffl.net/FFL/(HQ/Branches/other)/(new department) to the scope for this GPO.

            10. User log in
              Have users log off and back on to their computer. They will then have access to the new G:\ drive folder.


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0