How to Create OU in Active Directory – Windows Server 2012 R2
In this post, we’ll learn the steps to create OU in Active Directory. OU (Organizational Unit) is a type of container that you can create in Domain Controller. It can be used to store Users, Computers, Groups and OUs. Organizational Unit can also be used as per your Organizational structure or as per your Organization’s geographical structure.
Organizational Unit can also be used to delegate permissions. Let us take an example, that Helpdesk in your Organization is responsible for password reset, create new user, reset user password, add computer in domain, etc. In that case you can delegate permissions to Helpdesk team so that can perform all the above mentioned tasks without contacting you or senior colleagues.
Creating Organizational Unit (OU) in Active Directory
1. To create OU in Active Directory, we need to open “Active Directory Users and Computers”. Click on Start button and click administrative tools or you can use “dsa.msc” command in Run.
2. In Administrative Tools Window, Click on Active Directory Users and Computers. Active Directory Users and Computers can also be open by clicking on Start, click on down arrow and select “Active Directory User and Computer” or right click on Start, select run and type “DSA.MSC” and hit enter.
3. In Active Directory Users and Computers window, right click on Domain. In this example domain name is ABC.COM. Click on “New”, it shows various options for creating new objects. We’ll talk about other options in future posts. To create an OU, click on “Organizational Unit”.
4. It will open “New Object-Organizational Unit console”, type OU name in name tab. Select an option “protect the container from accidental deletion”, it will use enhance security and prevent accidental deletion of OU. We’ll cover the steps to delete an OU by removing extra protection in future articles. Click on OK to close the window.
5. Here we can see that the Organizational Unit(ou1) is created. Similarly we can create nested OUs by selecting an OU in which we want nested OU to be created.
6. For deleting an OU with enhanced security, first we have to disable “Protection from accidental deletion”. To disable accidental deletion click on ‘View’ and then select Advanced Features.
7. After enabling Advanced Features, right click on Organizational Unit (ou1) and click on Properties.
8. In OU1 properties window, click on ‘object’ tab, here we can see checked “Protect object from accidental deletion” option. Uncheck that enhanced security options and click OK. This option will not be visible if Advanced Feature is not enabled (step 6).
9. Please ensure that advanced feature is not enable all the time. To disable advanced feature click on View and uncheck the Advanced Feature option.
10. For deleting OU, right click on OU and click on Delete.
11. Here, we have to confirm that we want to delete the Organizational Unit named ‘ou1’ by click on YES.
12. Now we can verify that Organizational Unit (ou1) is deleted.
Hope you understood the steps to create OU in Active Directory and steps to delete OU from Domain Controller.