I have 3 DC's Windows Server Datacenter 2016 and about 80 other servers with a mix of OS's. Windows 2008 R2, 2012, and 2016. I'm configuring a patch managment solution to deploy Windows updates. I'm lookng for the best way to set up my Servers in their OU's and GPO's. I will need an OU for critical and one OU for non-critical servers.
Should I have all servers with different OS's in one OU with one GPO or should I have separate OU's for each servers OS's?
What is the best practice?