Quote:
Originally Posted by flipper35
WTH? Not you, him.
|
He has no real idea what he is doing, but keeps changing things anyway. He is the cisco guy and is meddling in AD and my Boss is letting him. Our AD does need some organization, but it needs to be done by someone that has a clue.
For example he is breaking things down into OU's that are the HR's definition of departments. Those have NOTHING to do with actual working departments to use for security or access to things. HR is the ONLY people that think in those department groupings. Ask people what department they are and 9 times out of 10 it has nothing to do with HR's departments. The whole reason for departmental OUs is to use them for access and security, but no-one is looking at the things we already have access and security on to see how they would be used.
All I can do is make suggestions (which are ignored), watch, then smile and say "Yep, that's why we didn't do that."
The move to Office365 is being used as an excuse to re-org AD, and it is being rushed so badly it's causing MORE migration problems.
I would just lump everything with an email into the Users OU, and migrate it. What the heck, done no problems. That's what office365 wants! It is designed to keep a single OU synced with on-site AD. Then after the mostly trouble free migration worry about all the AD stuff. Especially since we don't want to use Azure as our AD master anyway.