Block access to active directory computers container

Hello,
I'd like to come up wiht a way to prevent technicians from joining computers to the domain and having the computer go into the default Computers container. We have a group that has been delegated access, and I tried to remove the delegated permissoins and just put them on the top level OU that contains our computer accounts. So, there are no more permissions applies to the default COMPUTERS container, but they can still add computers whihc end up there. I even tried to add explicit deny permissions, but that did not help.

Please post any possible solutions, or let me know if you need more details.

Thanks!

Active Directory

Last Comment

McKnife

8/22/2022 - Mon

Mike Kline

3/15/2012

Have you looked at redircmp

http://technet.microsoft.com/en-us/library/cc770619(v=ws.10).aspx

You can have them put into an OU you choose instead of the default computers container.

Thanks

Mike

ASKER CERTIFIED SOLUTION

McKnife

3/15/2012

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options

Start Free Trial

GET A PERSONALIZED SOLUTION

Ask your own question & get feedback from real experts

Find out why thousands trust the EE community with their toughest problems.

tmazowski

3/16/2012

ASKER

McKNife,

Yes, I was aware, but these techs have long surpassed the 10 workstations. I think we even disabled the ability for domain users when the AD was put in place several years ago.

TM

McKnife

3/16/2012

Please read the entire article. They tell you how to modify ACLs on that container to solve your problem - that is not the same as modifying delegations.

Your help has saved me hundreds of hours of internet surfing.

fblack61