Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [organizational-unit]

A unit of organization in Windows Server that organizes Users, Computers, and Printers.

78 questions
9
votes
1 answer

Is it possible for a child domain and a OU in the parent domain to share the same name?

I'm adding this Q/A because I just stumbled upon this limitation today, and I was not able to find any documentation about it; there is an old KB article about this issue, but it's currently not indexed by Google (probably because it was…
Massimo
  • 70,200
  • 57
  • 200
  • 323
8
votes
4 answers

GPO not applying to an OU

We have a batch file (logon.bat) that maps drives whenever a user logs on. This script is applied by Group Policy to the entire domain. Initially, this worked perfectly, as we always wanted this script to be applied. However, now we have PCs at a…
Austin ''Danger'' Powers
  • 1,180
  • 6
  • 21
  • 51
7
votes
3 answers

PowerShell - Limit the search to only one OU

Ive got this cmdlet and I'd like to limit the results to only one OU: Get-ADUser -Filter {(Enabled -eq $false)} | ? { ($_.distinguishedname -notlike '*Disabled Users*') } Now Ive tried to use -searchbase "ou=FirstOU,dc=domain,dc=com" But if I…
Npv23g
  • 320
  • 4
  • 6
  • 12
7
votes
2 answers

In LDAP is it best to nest groups under organizational units or create an organization unit directly under the root dn just for groups?

I'm not sure whether it's better to nest groups under each of my organizational units or to make an organization unit directly under the root DN just for groups. Is one considered best practice over the other? I want to keep my configuration as…
Jeff
  • 496
  • 3
  • 10
6
votes
1 answer

Join VM to specific Active Directory OU using System Center VMM 2012 Guest OS Profile

We use System Center 2012 Virtual Machine Manager to deploy VMs to our Hyper-V servers. We are starting to use the VM and Service templates to automate our system deployments, but one step we need to automate is adding the server to our Active…
Greg Bray
  • 5,610
  • 5
  • 36
  • 53
6
votes
3 answers

How do you override a GPO with another GPO?

If there is a GPO which is applied to all Domain Computers which disables something, is there a way to re-enable the disabled thing for some hosts in the domain, without taking those hosts out of the default Domain Computers group? In other words,…
paradroid
  • 868
  • 5
  • 15
  • 29
5
votes
3 answers

Windows server. The difference between organisation units and groups? (Active directory)

So they are both objects that you use to organise other objects. You can add users, groups and computers to both of them. What is the difference between them? What is the best way to divide users and computers of different departments in a company…
redi
  • 75
  • 1
  • 1
  • 4
5
votes
3 answers

How can I create Organizational Units recursively on Powershell?

I'm writing a Powershell script to populate all the company users to a Active Directory from a CSV file. The script uses the Powershell command New-ADUser and it should know, for every user, where is the path to add them, for example: "OU=IT…
Maurício Mota
  • 199
  • 2
  • 9
5
votes
1 answer

PowerShell - Finding all of users' group memberships and kicking it out of them

as title says, I have to find all the groups that the user is a member of, and deleting its membership from all of them. I've tried this: get-adgroup -filter * | where {(Get-ADGroupMember $_ | foreach {$_.PrimarySmtpAdress}) -contains…
Npv23g
  • 320
  • 4
  • 6
  • 12
5
votes
2 answers

Do I need child domains in AD?

I have a an organization having HQ(about 150 users) in one city and 16 branches (high schools, 300-400 users each) each in different city. What I have to do is create a domain(s) in AD for corporate network. I was suggested to do the…
ysakiyev
  • 263
  • 1
  • 5
  • 12
4
votes
2 answers

Error Creating OU: Name is Already In Use

I have an OU structure for computers that looks like this: Workstations |-- Building | |-- Floor, Department, or Approximate Location ... I want to create a child OU called "3 North" in that building's OU, but I am getting the following…
Wes Sayeed
  • 1,902
  • 6
  • 28
  • 43
4
votes
1 answer

Change AD users attributes via Power Shell script

In the domain I'm working we created an attribute "regulationMatrix" . When I try a powershell command like get-aduser USER -properties * that specific attribute shows up only if it has a value set like "regulationMatrix : {PIC}",…
Cranta Ionut
  • 179
  • 3
  • 4
  • 12
4
votes
3 answers

Find out if password expired or when it expires for user in a specific OU

Is there any powershell command that outputs the users that have their passwords expired from a specific organizational unit (OU). If so can it be combined in a script with another command that outputs the time when it expires for all the users in…
Cranta Ionut
  • 179
  • 3
  • 4
  • 12
4
votes
3 answers

PowerShell - finding users who are Inactive AND not disabled

I wrote this cmdlet: Search-ADAccount -filter {(enabled -eq $true)} -Users Only -SearchBase "ou=FirstOU,dc=domain,dc=com" -AccountInactive -TimeSpan 30 But it outputs an error: Search-ADAccount : A parameter cannot be found that matches parameter…
Npv23g
  • 320
  • 4
  • 6
  • 12
4
votes
1 answer

Server 2008: Link security group to organisational unit

I've created a test domain with 2 VM's to experiment and try to gain some knowledge using Server 2008 (+GPO's, OU's, ADUC etc) however I've become a little stuck. I've created an OU called User Policies and linked a GPO within that OU called Menu…
obious
  • 181
  • 3
1
2 3 4 5 6