I had a really interesting discussion with another IT admin about how to set up AD.
Now this question has probably been asked before, and i doubt there is only one answer but here it goes.
What is the best structure for an AD domain?
Do you structure by department or by technical details or location?
The admin I had this discussion with also had all users in one OU, I consider this a bad practice, but maybe you dont, and I would like to hear why.
He said to me that it doesnt really matter where this person is, and tht AD is just a tool and so on, but I think it is much more efficient to nest OU’s in a logical structure.
Microsoft has some nice best practices ideas about this, but I think that there must be a way to fit all kinds of organizations
Also having more groups than users seems like a bad idea, or at least it sounds that way but it could/should be possible to make it more efficient.