How to define an OU as default location for new Computer objects

Share this:

By default all computer objects are created under the Computers container and in this Tutorial we are going change (redirect) this default location to a new organization unit (OU).

In the image below we can see that a few servers were added to the domain and as usual they were created in the Computers container.

image2

Group Policies are applied at Site, Domain or Organization Unit level however the Computers is a container and cannot have an OU assigned to it, as shown in the image below using Group Policy Management console. In some companies the newly joined computers may require to receive a GPO right away.

image8

Validating the prerequisites…

Before planning to use an OU to be the default location for new computer objects we must make sure that the domain level is at least Windows Server 2003.

We can find that information by right-clicking on the domain name, and then Properties in Active Directory Users and Computers.

image5

Configuring an Organization Unit (OU)…

The first step is to create a new OU and we can use the same Active Directory Users and Computers to create the new OU. I would recommend to use the default setting Protect container from accidental deletion. In our Tutorial we are going to name the new OU as InitialOU

image11

Having the new OU created, we just need to run the redircmp and the distinguished name for the new OU. The following example below uses our newly created OU located at the root of the patricio.local domain.

redircmp OU=InitialOU,DC=patricio,dc=local

image14

Testing the redirection…

Let’s get any server or workstation that is not in the domain and join to the domain. In our example below we have a server named POASRV01, let’s open Server Manager, and then click on Local Server and finally in workgroup.

image17

In the new window, click on Change…, and in the Computer Name/Domain Changes select Domain and type in the domain name, and finally click OK. After that fill the credentials out and click OK and the result will be similar to the figure below.

image20

After the message informing that the server was added successfully to te domain, we can click on InitialOU and we will have the new computer account created on the new location.

image23

Written by Anderson Patricio

Anderson Patricio

Anderson Patricio is a Canadian MVP in Cloud and Datacenter Management, and Office Server and Services, besides the Microsoft Award he also holds a Solutions Master (MCSM) in Exchange and several other certifications. Anderson has been contributing to the Microsoft Community with articles, tutorials, blog posts, twitter, forums and book reviews. He is a regular contributor here at ITPROCentral.com, MSExchange.org, Techgenix.com and Anderson Patricio.org (Portuguese).

Related Post

Auditing logon events with FortiGate How to enable Auditing on Active Directory. One of my customers was implementing web filtering using Active Directory with Fortigate firewall applianc...
How to add the Active Directory Domain Services ro... In this Tutorial we are going over the process to add the Active Directory Domain Services role on a Windows Server 2012 R2. This procedure will be th...
How to configure an OU as default for new objects ... In this Tutorial we will configure an Organization Unit as new default location for new users. By default, all new objects created by Exchange for exa...
How to disable all accounts from an Organization U... In some cases, the administrator must disable all accounts from a specific Organization Unit. We can approach this task from either Active Directory U...