Based on a Technet article published by Microsoft in 2016, there are recommendations to what may be considered to be best practices.
Given that these may vary between organizations, what are the determining factors in measuring the efficacy of an organizational structure in Active Directory.
For example, an example of an organizational structure may be as follows;
- Resources --> Servers --> Mail
- Resources --> Servers --> Print
- Resources --> Workstations --> Windows 8
- Resources --> Workstations --> Windows 10
- Users --> Privileged
- Users --> Non-Privileged
Another example may be as follows;
- Development --> Servers --> Mail
- Production --> Servers --> Mail
Another example may be as follows;
- Accounting --> Users --> Privileged
- Servers --> Mail
Taking into account principles such as separation of concerns, principles of least privilege, segmentation, delegation, etc, how can these be measured to ensure the structures are effective?