AD-OU feature in TechIDAgent piece of TechIDManager

Starting with TechIDAgent version 1.90, an AD-OU feature is incorporated. This allows managed privileged technician accounts to be created in—or moved to—an Organizational Unit (OU) within the Active Directory (AD) structure of your clients’ domains.

This feature is helpful if you:

• Bill based on the number of users
• Want to keep tech accounts separate from end-user accounts

OU Setup and Configuration

• OUs are defined per domain and are visible in the TechIDPortal.
• You can assign a unique OU to each TechIDAgent or use the same OU name across domains.

To set the OU for a domain, run the following command on each domain controller where TechIDAgent (v1.90 or later) is installed:

TechIDAgent.exe OU {OUName}

Replace {OUName} with your desired OU name. If the name includes spaces, enclose it in quotes (” “). Use the format X.Y.Z where:

• X is the top-level folder
• Y is a subfolder
• Z is a sub-subfolder

Do not use the CN=… syntax.

The OU change takes effect at the next run. You can run this command whether RuffianTechIDAgent is running or stopped—just remember to restart it if it was stopped.

If the specified OU doesn’t exist, it will be created. New tech accounts will be created in this OU, and existing ones will be moved there.

Additional Notes

• If you don’t set an OU, new accounts will be created in the default “Users” container.
• If you set the OU to “Users”, tech accounts will be moved to the default Users container. (Technically, “Users” is a CN, not an OU—but it’s commonly referred to as an OU.)
• You can also use “reset” to return to the default setting.