Skip to main content

Purdue IT plans to consolidate regional Active Directory domains in summer 2026

Purdue currently operates multiple regional Active Directory (AD) domains (e.g., PFW, PNW, Purdue Online), which has led to duplicated effort, inconsistent policies and increased administrative overhead. This project will consolidate those regional domains into a single, centralized enterprise Active Directory (BoilerAD) while maintaining required functionality for regional and business-specific needs.

The primary goals of this effort are to:

  • Reduce complexity and administrative overhead associated with managing multiple AD domains
  • Improve security through consistent policies, controls and governance
  • Provide a more seamless and reliable authentication experience for users
  • Establish a scalable foundation for future identity and access management initiatives

The project includes:

  • Inventory and assessment of all regional AD user, computer, group and policy objects
  • Design and implementation of a centralized AD architecture
  • Migration of users, groups, and Group Policy Objects (GPOs) into BoilerAD
  • Coordination with application and service owners to validate authentication dependencies
  • Decommissioning of legacy regional AD domains following successful migration

It does not include migration of legacy applications that are not compatible with the centralized AD.

Example:

The NW AD, or Purdue Northwest Active Directory, is a system we use to manage access to computers and resources based on a person's role or the type of device they’re using. Think of it like a digital filing cabinet that helps us organize and control who can do what in our Windows environment.

For example:

  • If you're part of a certain team, AD makes sure you can access the files and tools you need.
  • If a computer is used for a specific purpose, AD helps apply the right settings and permissions to it.

In short, AD helps us keep everything secure, organized, and running smoothly by managing users, computers, and their permissions.

Actions Required:

All IT teams supporting systems that rely on regional Active Directory must:

  1. Review and confirm AD objects under your ownership
  2. Validate application and service authentication dependencies
  3. Engage in scheduled testing and migration activities
  4. Remove objects from the regional AD once they have been moved to BoilerAD
  5. Communicate known risks or constraints early

If you’re unsure whether your system or service is impacted, please contact the project team at accounts@purdue.edu. Early questions are strongly encouraged.