Monthly Archive


Windows 2008 R2 – OU

One of the big benefits of Windows 2008 R2 is the fact that PowerShell v2 is installed by default and that AD can be administered by PowerShell.  There are 76 AD cmdlets and an AD provider.  We’ll start by looking at the cmdlets.

Organizational Units are the subdivisions with a domain.  We can easily create a new OU.

New-ADOrganizationalUnit -Name "AllUsers" -ProtectedFromAccidentalDeletion $true

The default location is to create OUs in the root of the domain.  I really like the ability to set Protection from Accidental Deletion on when I create the OU.

If I want to create a child OU I just need to add the path to the OU in which I want to create the OU.

New-ADOrganizationalUnit -Name "RemoteUsers" -Path "OU=AllUsers,dc=grayson,dc=test" -ProtectedFromAccidentalDeletion $true

We also have Get-, Set- and Remove-OrganizationalUnit cmdlets.

The Get returns a Microsoft.ActiveDirectory.Management.ADOrganizationalUnit object – NOT a directory entry object.  We need to use the other cmdlets to work with the OU.

Leave a Reply