endsupport
asked on
How do I know who moved an OU in ADUC ?
One of the OUs was moved in to another OU making a mess and a lot of issues raised because of that. I was looking at the security logs on the DCs, but can't find anything related to this change in AD. This isn't the first time it happened and we are looking for the responsible, but can't any log that points to it.
I also know that this is related to the drag&drop feature in ADUC 2003, but as I read, it can't be disabled.
I also know that this is related to the drag&drop feature in ADUC 2003, but as I read, it can't be disabled.
You can actually guard against this in 2003 through careful application of security settings within ADUC: http://technet2.microsoft.com/windowsserver/en/library/ea72bc34-6136-42e3-aa36-e2246f15d09d1033.mspx?mfr=true
In 2008 it's simpler - each OU comes with this little "Protect from accidental deletion" check-box which will prevent it from being deleted or dragged-and-dropped unless you manually go into the Properties sheet and remove the check.
In 2008 it's simpler - each OU comes with this little "Protect from accidental deletion" check-box which will prevent it from being deleted or dragged-and-dropped unless you manually go into the Properties sheet and remove the check.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks everybody for your efforts. We couldn't find the culprit and I think we will be looking for a third party software to do this much easier, like the one jasonwilliams74 suggested.
http://blogs.msdn.com/ericfitz/archive/2005/12/05/500316.aspx
Cheers,
Andy