Announcement

Collapse
No announcement yet.

link ou to security group

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • link ou to security group

    I dont think this is possible but i'm gonna ask it anyway. What i'de like to do is this. Have ad setup so that every memeber of an ou is also a member of a secuirty group, but i want it to update and sycn automatically. So i should be able to add a new use to OU-a. lets say i want everyone in OU-a to have this certain printer and set that up accordanly. But i also want 20 other uses not in that ou to have the printer. It would be nice if i could make a secuirty group that would link to OU-a and just add the rest of the people in. so that as new people were added to ou a i wouldn't have to do anything. I dont want any one time thing, i know i can easily write a script to put everyone in the ou in the secuirty group but i want it to be linked.
    MCSE 2000\2003, A+
    00000001-00000011-00000011-00000111

  • #2
    Re: link ou to security group

    Dear pcking999,

    In order to understand more on your situation, please allow me to re-phrase your words; and correct me if I am wrong. Thank you.

    All of the users that you mentioned above would be in one security group, let's call GroupA. And those users are in OU-A and they are set up with Printer1.

    You also want another 20 users from OU-B to be able to use Printer1.

    I assume that GroupA are in OU-A. If so, here are some suggestions:


    1. In OU-B, create GroupB and add 20 users to GroupB membership.

    2. Create a groupC in Users Container and make GroupA & GroupB its member.

    3. Add GroupC to Printer1 access.

    In regard to adding users by scripts, please go to the homepage and search for adding bulk user. You can also read this to get a general idea of how it works to fit your need.

    Please let us know how it goes. Good luck!

    Regards,
    Teamwork

    Comment


    • #3
      Re: link ou to security group

      not exctually what i was looking for. I think my first post was a bit confusing here the basic principle. basically i have ou-a. I want to create a secuirty group lets call it GroupA. I want to have groupA contain every user that is in the OU ou-a. and if i were to add a new user to ou-a they would also be in GroupA automatically. basically i want the GroupA secuirty group to contain a "link" the ou-a.
      MCSE 2000\2003, A+
      00000001-00000011-00000011-00000111

      Comment


      • #4
        Re: link ou to security group

        Dear pcking999,

        I understand your quest now. You can create GroupA in OU-A. And for adding user that will be placed into OU-A, GroupA automatically, please consult the links in the previous thread.

        Regards,
        Teamwork

        Comment


        • #5
          Re: link ou to security group

          Personally I can see here 2 separate tasks:

          1) automatic creation/sync of groups that will represent OU membership
          2) establishing proper security group provisioning and usage

          As for the first issue: there is nothing out of the box to address the topic. you will have to script some kind of sync mechanism to achieve what you want

          The second issue is the way you manage the groups and group membership.
          Even if you have a process for automatically populating the groups which represent OUs, I would refrain from manual changes to those groups and use resource-oriented approach, where for example for letting someone to print to Printer1, I would create group "grpPrinterUsers_Printer1" (or any other naming convention you like) and would populate it with OU groups that are allowed to print to that printer.

          Something like:
          grpPrinterUsers_Printer1: grpSomeOU, grpSomeOtherOU, <other group members>
          Guy Teverovsky
          "Smith & Wesson - the original point and click interface"

          Comment

          Working...
          X