subject: Case Scenario Exercise 2 [print this page] 1. Each office with more than 100 users is allowed to hire its own network administrator. Network administrators should be allowed to create, delete, rename, reset, and manage the user accounts and computer accounts of those offices. Currently, the East, North, and Operations offices have more than 100 users apiece. What should you do?
Create an OU for East, North, and Operations. Create a user account for each new administrator. Place all of the user and computer accounts for CompTIA A+ certification each office into their respective OUs. Delegate administrative rights to the new administrators to their respective office OUs.
2.The North, South, East, and West offices all require the same specialized software.
However, none of the other offices require this software. What are ways in which you can organize the Active Directory structure to accommodate these require ments while distributing the software using Group Policy?
Since you already have East and North OUs, you could create additional OUs for West and South. Then, you could distribute the software to each of these OUs by creating a single GPO and linking it to all four OUs. The other option is to place each 220-701 Exam OU inside a single OU. For example, you could create an OU named Remote and then place the North, South, East, and West OUs inside the Remote OU. Then you could assign a GPO that distributed the software to the Remote OU, which in turn would flow down to the separate locations. Probably the best way would be to use the first method, linking the GPO here to each individual OU. Flatter OU structures are easier to manage and troubleshoot. Further, Group Policy processing occurs more quickly on flat OU structures.
3. A total of 50 contracted employees are hired to work in the Operations office.
They require different software than the rest of the users in the Operations office.
Operations office wants you to lock down specific portions of their desktops. The network administrator of the Operations OU needs your help. You must ensure that the network administrator of the Operations OU can manage these users and their computers. What should you do?
The most efficient option is to create a new OU. For example, you could create an OU named Contractors that is subordinate to (within) the Operations OU. The network administrator of the Operations OU would then inherit the ability to manage the Contractors OU. Then, you'd use Group Policy to assign the specific software and desktop lockdown policies that are required to meet the needs of these contracted employees.
