?
Solved

cannot move AD user object to a new OU,  access is denied

Posted on 2016-08-26
6
Medium Priority
?
406 Views
Last Modified: 2016-08-26
Trying to move a user object from one OU to another OU.  I get an access denied alert when trying.  This is not an issue with other user objects.  How do i check the security settings of the user object, (User account)?  This has not been an issue in the past with other users.  This particular user has been with the company for 20+ years so,  the object is very old.

Im a domain admin,  checked the permissions of both OU's and Domain Admins are allowed full access.
0
Comment
Question by:dmenck
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 16

Expert Comment

by:FOX
ID: 41771701
In Active Directory users and computer right-click the user click the object tab and check to see if there is a check mark in PREVENT FROM ACCIDENTAL DELETION.  If there is Uncheck it, move the user then check it back.  

**Your view in Active Directory users and computers should have advanced features turned on and show objects as containers**
0
 

Author Comment

by:dmenck
ID: 41771716
"PREVENT FROM ACCIDENTAL DELETION"  is not checked.  sorry I looked at that earlier and should have added it to the original message.
0
 
LVL 16

Accepted Solution

by:
FOX earned 2000 total points
ID: 41771724
Right-click that user, select the security tab and make sure "Domain Admins" is in there.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:dmenck
ID: 41771732
lol,  sometimes we overthink the obvious.  
That was it!  
Thanks for the assist.
Have a great day.
0
 
LVL 16

Expert Comment

by:FOX
ID: 41771768
Good work
1
 

Author Closing Comment

by:dmenck
ID: 41771836
Thanks for your help Foxluv!!
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question