9.12. Creating a GPO Link to an OU

Problem

You want to apply the GPO settings to the users and/or computers in an OU. This is called linking a GPO to an OU.

Solution

Using a graphical user interface

  1. Open the GPMC snap-in.

  2. In the left pane, expand the Forest container, expand the Domains container, and browse to the target domain.

  3. Right-click on the OU you want to link and Link an Existing GPO.

  4. Select from the list of available GPOs and click OK.

Using VBScript

' This code links a GPO to an OU
' ------ SCRIPT CONFIGURATION ------
strGPO     = "<GPOName>"        ' e.g. Sales GPO
strDomain  = "<DomainDNSName>"  ' e.g. rallencorp.com
strOU      = "<OrgUnitDN>" ' e.g. ou=Sales,dc=rallencorp,dc=com intLinkPos = -1 ' set this to the position the GPO evaluated at ' a value of -1 signifies appending it to the end of the list ' ------ END CONFIGURATION --------- set objGPM = CreateObject("GPMgmt.GPM") set objGPMConstants = objGPM.GetConstants( ) ' Initialize the Domain object set objGPMDomain = objGPM.GetDomain(strDomain, "", objGPMConstants.UseAnyDC) ' Find the specified GPO set objGPMSearchCriteria = objGPM.CreateSearchCriteria objGPMSearchCriteria.Add objGPMConstants.SearchPropertyGPODisplayName, objGPMConstants.SearchOpEquals, cstr(strGPO) set objGPOList = objGPMDomain.SearchGPOs(objGPMSearchCriteria) if objGPOList.Count = 0 then WScript.Echo "Did not find GPO: " & strGPO WScript.Echo "Exiting." WScript.Quit elseif objGPOList.Count > 1 then WScript.Echo "Found more than one matching GPO. Count: " & _ objGPOList.Count ...

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial