|
Prying eyes of junior admins? I managed my own AD environment and do not hide any OU or User and we are not trusted with our main campus AD, however, the undergraduate departments are part of the campus AD. It took a year to figure why no one can rename a computer. The computer have to disjoin the domain, rename, and and then rejoin the domain, that is the only way. The main AD guys just said that is the way it is so live with it. I was asked by 2 departments to test it in my domain. I have no problem renaming computer accounts in AD. So we renamed a whole lab w/o any issue. They must have asked for Microsoft's help, and it turned out that the "Builtin" OU was hidden for security reason. For what reason I didn't ask. Authenticated users need READ access to that OU. Why? Microsoft does not know. So after they figured it out I wanted to see how they hide that OU. One way to modify(hide) OUs and Users is to use ldifde.exe. I tested and it did work. So there is my solution. -Z.V. Al Mulnick wrote:
|
- Re: [ActiveDir] HIDE OU Za Vue
- Re: [ActiveDir] HIDE OU Al Mulnick
- RE: [ActiveDir] HIDE OU Darren Mar-Elia
- Re: [ActiveDir] HIDE OU Al Mulnick
- RE: [ActiveDir] HIDE OU Darren Mar-Elia
- Re: [ActiveDir] HIDE OU Al Mulnick
- RE: [ActiveDir] HIDE OU Darren Mar-Elia
