We cannot think of AD without group policies. Using group policies, we can apply rules to manage application settings, security settings, and system settings of AD objects. Each and every object in AD has different operation and security requirements. As an example, sales computer security requirements are different from a server that hosts the database system. Group policies can be bound to OUs. Therefore, objects that have different Group Policy requirements can be placed into different OUs and assign corresponding policies to it. Even though this is the most common reason for OUs, this is where things mostly go wrong as well. If you do not consider Group Policy inheritance and Group Policy precedence, it will be difficult ...