OREGON STATE UNIVERSITY

You are here

Active Directory

DCA Service Request Forms

Please use this migration request form when one or more users are going to move from one domain to another.

Active Directory (AD) is a directory service that holds user accounts, computer accounts and groups, and stores security information for those objects. The servers that store the directory information and respond to authentication and directory lookup requests are called domain controllers. Global Catalog servers are special directory servers that contain a subset of information for every object in the forest.

Active Directory Services

Network Engineering maintains the forest root for the Oregonstate.edu AD forest. In addition, Network Engineering is responsible for the following:

  • Schema: The schema controls how objects are defined in AD. Occasionally, it is necessary to make additions to the schema. All such changes are handled by Network Engineering. Schema changes will be thoroughly tested before being implemented, and domain administrators will be notified of the changes and the reasons for making them.
  • DNS for AD: Network Engineering maintains AD service records in DNS for the Oregonstate.edu forest and other AD forests on campus.
  • Replication: Network Engineering monitors communications between domains and will contact departments running their own domain controllers if problems are discovered. Departments should contact Network Engineering when they are experiencing problems so that we can help resolve them.
  • New domains: Any department wishing to add a new domain to our AD forest should submit an Active Directory Account Migration Request. We will only consider requests that meet the requirements outlined below.

Note: If circumstances arise which affect the overall health of the Active Directory forest and Network Engineering cannot reach the DCA responsible for a system, Network Engineering may log in to Domain Controllers and make necessary changes; we will notify DCAs immediately afterward in such cases.

Requirements For Adding a New Domain to the Forest

In order to keep our AD forest as robust and reliable as possible, and to decrease replication traffic, we would like to minimize the number of domains in the Oregonstate.edu forest. Network Engineering will only consider requests for new domains when the following are true:

  • The department has at least two full-time, qualified IT staff.
  • Adequate hardware has been dedicated for at least 2 Domain Controllers.
  • Domain controllers will be monitored 24x7, and IT staff can be reached by Network Engineering in the event of an emergency.
  • The department has specific functionality requirements that cannot be met by an OU in an existing domain, such as FS_Mail.