Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

If you move an OU (and all sub OU's) will it loose any info (e.g., gpo's, etc)?

Posted on 2009-04-05
3
Medium Priority
?
320 Views
Last Modified: 2012-05-06
I want to move an OU within Active Directory.  I will be moving the OU higher in the hierarchy.  Will that cause my OU (and sub OU's) to loose anything?
0
Comment
Question by:victor2008
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 18

Accepted Solution

by:
Americom earned 500 total points
ID: 24074345
Yes, it will lose the GPOs linked to the OU and sub OUs. It also could lose some of the permissions that were assigned through delegation or from direct assignment to the OUs. Also, if you have block inhertance of GPO from parent OU or domains level etc, you could lose that as well. When you move to other OU, you could inherited GPO and permisisions in the similar fasion where you intend to move it to.
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 500 total points
ID: 24074671
The GPOs linked directly to that OU should still be linked to the OU when you move it (just tested it).  Americom is right about the GPOs linked at the parent you will lose those
You can also use Group Policy modeling from GPMC to see what policies will apply to a user or computer that is moved before you move them.  In this case you are moving an OU so not as helpful but something to put out there for the future
More on that here:
http://technet.microsoft.com/en-us/library/cc780305.aspx
 
Thanks
Mike
 
0
 
LVL 18

Expert Comment

by:Americom
ID: 24077001
Good point Mike. The GPOs linked "directly" to the OU should still be linked to the OU as those are GPO links which should follow the OU that was linked to.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question