G Suite Organizational Unit Structure in a K-12 Environment
As previously stated, I work in a K-12 school district. Recently there were some incidents that required me to evaluate and make some changes to the organizational unit structure in our G Suite domain. Without getting into policy or politics, the concerns raised had to do with how to go about preventing certain types of communication while still providing equity of education in a one-to-one Chromebook environment.
Our initial user OUs had minimal granularity available. In the below example I've left out devices:
Review of the Google Apps for EDU: Domain Best Practices documentation indicates two options for structuring larger deployments: Role-oriented structure or Organization-oriented structure. In the sample role-oriented structure the division is by staff and student, with students further divided by grade level. Organization-oriented structure has a location based initial division, with staff and students as child organizational units. Also while researching I found this YouTube video produced by Amplified IT that included suggestions on suspended and extended use organizational units.
Based on the best practices and recommendations, I did a couple calculations for management of different set ups for my environment, factoring in the current and expected IT staffing levels to support the new structure. I ended up with a projected number of OUs ranging from 30 (using a role based grade level scenario) to over 1000 (using a location based system with grade level granularity). At that point, I presented the scenarios to different tech department contacts, specifically the individuals involved in our web filtering system, email systems and student information. Both web filtering and email configuration leads primary request was to provide a parent level OU to contain the students.
Our final configuration ended up being a hybrid approach:
This final configuration provides both the top level parent OUs for district wide management, as well as school based granularity. In some instances we do have duplicate school entries. This was particularly necessary for some of our K-8 and K-12 schools, as some services that could be used in an educationally relevant fashion for older students should not be available for younger kids.
Every organization's set up will have it's own considerations and challenges. For me it was a matter of balancing best practices with a configuration we can actually support and manage efficiently. Within the next 45 days my department will be participating in an audit of our set up and management practices for Google Apps for Education. Any relevant findings or suggestions will be posted here.
Our initial user OUs had minimal granularity available. In the below example I've left out devices:
- G Suite Administrators
- Teachers (All Staff)
- Chromebook Managers
- Students
- Primary (PreK - Grade 3)
- No Additional Services
- Intermediate (Grade 4 - Grade 6)
- No Additional Services
- Middle School (Grade 7 - Grade 8)
- No Additional Services
- High School (Grade 9 - Grade 12)
- No Additional Service
Review of the Google Apps for EDU: Domain Best Practices documentation indicates two options for structuring larger deployments: Role-oriented structure or Organization-oriented structure. In the sample role-oriented structure the division is by staff and student, with students further divided by grade level. Organization-oriented structure has a location based initial division, with staff and students as child organizational units. Also while researching I found this YouTube video produced by Amplified IT that included suggestions on suspended and extended use organizational units.
Based on the best practices and recommendations, I did a couple calculations for management of different set ups for my environment, factoring in the current and expected IT staffing levels to support the new structure. I ended up with a projected number of OUs ranging from 30 (using a role based grade level scenario) to over 1000 (using a location based system with grade level granularity). At that point, I presented the scenarios to different tech department contacts, specifically the individuals involved in our web filtering system, email systems and student information. Both web filtering and email configuration leads primary request was to provide a parent level OU to contain the students.
Our final configuration ended up being a hybrid approach:
- G Suite Administrators
- Teachers (All Staff)
- Chromebook Managers
- Students
- Primary (PreK - Grade 3)
- School
- No Additional Services
- Intermediate (Grade 4 - Grade 6)
- School
- No Additional Services
- Middle School (Grade 7 - Grade 8)
- School
- No Additional Service
- High School (Grade 9 - Grade 12)
- School
- No Additional Services
- Restricted Access
This final configuration provides both the top level parent OUs for district wide management, as well as school based granularity. In some instances we do have duplicate school entries. This was particularly necessary for some of our K-8 and K-12 schools, as some services that could be used in an educationally relevant fashion for older students should not be available for younger kids.
Every organization's set up will have it's own considerations and challenges. For me it was a matter of balancing best practices with a configuration we can actually support and manage efficiently. Within the next 45 days my department will be participating in an audit of our set up and management practices for Google Apps for Education. Any relevant findings or suggestions will be posted here.
Thanks for your post. It's very helpful post for us. You can also visit charts and reports for jira service desk for more Victor Steel related information. I would like to thanks for sharing this article here.
ReplyDelete