Companies often split up Active Directory entities by creating multiple Organizational Units (OUs). A machine group in Security Controls can be configured to include specific organization units from Active Directory. For example, you might create a machine group that includes all machines from the 'Sales' organizational unit. The machines in the OU will be automatically enumerated when the machine group is scanned.
Adding an Individual Organizational Unit
The easiest way to add an organizational unit to a machine group is as follows:
2.Select the Organizational Unit tab.
3.Type the name of the organizational unit in the Enter an individual OU name box.
An OU is added in full LDAP format. For example, to add the Sales OU from the domain example.com, the format is 'ou=sales,dc=example,dc=com'. If you specify a parent OU, all children OUs will be included in the scan.
Importing OUs from an External Source
Browse Active Directory
This button opens a separate dialog that lists the contents of your Active Directory network. Locate the organizational units and/or machines you would like to add to the custom group, place a check mark in the desired check boxes, and then click Add checked items.
When organizational units are added, the new entries are displayed within the bottom portion of the machine group pane.