Adding Organizational Units to a Machine Group

 

Companies often split up Active Directory entities by creating multiple Organizational Units.  A machine group in can be configured to include specific organization units from Active Directory.  For example, you can create a machine group that includes all machines from the 'Sales' organizational unit if desired.

 

The easiest way to add an organizational unit to a machine group is to type its name in the Add OU field and then click .  An OU is added in full LDAP format.  For example, to add the Sales OU from the domain example.com, the format is 'example/ou=sales,dc=example,dc=com'.  If you specify a parent OU, all children OUs will be included in the scan.

 

You can also add or remove organizational units using the following organizational unit menu options.

 

Browse Active Directory

This menu option opens a separate dialog that lists the contents of your Microsoft network.  Locate the organizational units you would like to add to the custom group and place a checkmark in the selection box.  You can also use the Organizational Units and Machines menus to make selections.

 

To set credentials to use for browsing an Active Directory hierarchy on a remote domain, select the domain, click Set Credentials and then enter a username and password with permissions to the remote domain.

 

 

Remove All Organizational Units

Select this menu option to remove all of the organizational units from a group.

 

 

When organizational units are added, the new entries are displayed within the Organizational Units component as illustrated here:

 

 

Each domain that is listed is accompanied by the following icons: