Page Comparison

• View GPO Administrators

• Add GPO Administrators

• Remove GPO Administrators

• View GPO Editors

• Add GPO Editors

• Remove GPO Editors

When a Department OU is created, the requestor provides a list of the initial OU Owners.

Department OU Owners can edit (add/remove) owners of the Department OU.

If a Department falls in the scenario where there are no valid OU Owners (for example, all of the owners are former staff), the owners can be updated by one of the following processes:

• The Head of the Department submits a request to the AD team, specifying the EIDs of the new OU Owners.

• IT staff member from the department contacts the ISO who will review it and then submit a request to the AD team, specifying the EIDs of the new OU Owners.

GPO Administrators can create, delete, and manage a Department’s GPOs.

• Create GPO

• Copy GPO

• Rename GPO

• Delete GPO

• Reset GPO Permissions

• Show GPO Information

A Department OU Owner sets the GPO Administrators.

In addition, Department OU Owners are considered GPO Administrators by the Tool’s permission model even if not explicitly declared as GPO Administrators.

GPO Editors have permission to edit a Department’s GPOs.

GPO Editors have no permissions within the Department GPO Tools.

GPO Editors must be Departmental user accounts (Not EIDs.)

A Department OU Owner sets the GPO Editors.