Configuring OUs in Cloud Identity
Before setting up users, OUs must be configured in Cloud Identity. These help in categorizing users and enabling respective apps for each OU. Apps such as Gmail, Drive, Meet, and Chat can be selectively enabled for the OU, and further security settings within each of these apps can be applied to sub-OUs.
In the previous chapter, we went into detail about subdomains versus secondary domains. Users across multiple domains or subdomains can be set up under any OU.
Root-level or top-level OUs take over the primary domain name. All child OUs will automatically inherit settings defined for the root OU, but these can be changed by overriding the settings.
For example, if the root OU is Company.com, administrators can configure sub-OUs with various names such as IT Staff, Executives, and Field Workers. Within these sub-OUs, there can be nested OUs as well. Users are created as leaf nodes in this hierarchical setup. Those users can belong to either...
