Windows / Active Directory Policy Management

Microsoft Active Directory (AD) provides a directory of computers, users and security groups.  Primary AD user accounts for staff and students are created automatically once the CityU EID is activated.  User access rights are currently managed in the AD using “security groups” for accessing to institutional IT resources.  Certain departments may also require departmental groups to be created in the AD for managing departmental IT resources such as share drives.  The Computing Services Centre (CSC) manages the addition, modifications, and deletions of these security groups.  In addition, computer security policies are also managed in the AD via the CSC and departments may wish to coordinate with the CSC for setting up appropriate security policies for their own computer laboratories.