What can you do with your OU

1. Create computer objects for servers and client machines
2. Create printer and share resource objects
3. Create groups for managing users and computers
4. Create child OUs for security and management use
5. Apply group policy objects for security and management
6. Access the campus-wide user pool to manage access to resources
7. Leverage the campus Kerberos infrastructure for secure access to Windows 2000 and Unix resources

What you cannot do with your OU

1. Create user accounts
2. Create child domains
3. Create, delete, or alter objects in OUs other than your own
4. Change user passwords other than your own
5. Change user attributes taken from the UCB directory (phone number, e-mail address, etc.)

Responsibilities of administering an OU

1. You are responsible for all objects you create in the active directory
2. You are responsible for joining, and removing, users from groups in your OU
3. You are responsible for controlling access to any resources you make available in the active directory
4. You are responsible for reporting any problems that require the attention of ITS administrators (AD problems, domain controller problems) to ITS
5. You are responsible for adhering to the naming conventions for GPOs and groups as described in the "UCB Windows 2000 Campus Domain Naming Conventions" document
6. You are responsible for all department responsibilities outlined in the service level agreement signed with ITS

Getting Help

help@colorado.edu