Should administrators, on separated depot servers, be able to see data and interact only with their own environment? Should they have access to the management interface but still have no access to global server administration? If the extension "User Roles" is activated the client visibility can be configured specifically per depot and thus the editing of global settings can be prevented. A pure read only access e.g. for the Help Desk can be established as well.
In order to avoid the endeavor of having clients being joined to a domain and then added to opsi, the "Directory Connector" extension allows the synchronization of PCs between systems by connecting opsi to Active Directory or Samba 4.