5.1. Creating an OU

Problem

You want to create an OU.

Solution

Using a graphical user interface

  1. Open the Active Directory Users and Computers (ADUC) snap-in.

  2. If you need to change domains, right-click on the Active Directory Users and Computers label in the left pane, select Connect to Domain, enter the domain name, and click OK.

  3. In the left pane, browse to the parent container of the new OU, right-click on it, and select New Organizational Unit.

  4. Enter the name of the OU and click OK.

  5. To enter a description for the new OU, right-click on the OU in the left pane and select Properties.

  6. Click OK after you are done.

Using a command-line interface

> dsadd ou "<OrgUnitDN>" -desc "<Description>"

Using VBScript

' This code creates an OU 
' ------ SCRIPT CONFIGURATION ------
strOrgUnit       = "<OUName>"      ' e.g. Tools
strOrgUnitParent = "<ParentDN>"    ' e.g. ou=Engineering,dc=rallencorp,dc=com
strOrgUnitDescr  = "<Description>" ' e.g. Tools Users
' ------ END CONFIGURATION ---------

set objDomain = GetObject("LDAP://" & strOrgUnitParent)
set objOU = objDomain.Create("organizationalUnit", "OU=" & strOrgUnit)
objOU.Put "description", strOrgUnitDescr
objOU.SetInfo
WScript.Echo "Successfully created " & objOU.Name

Discussion

OUs are used to structure data within Active Directory. Typically, there are four reasons why you would need to create an OU:

Segregate objects

It is common practice to group related data into an OU. For example, user objects and computer objects are typically stored in separate OUs (in fact, ...

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial