Sponsored Links
Windows Server 2008 Active Directory comprises of lot many
new features and functionalists. You can protect Active Directory OUs from
accidental deletion. This can be done at the time of creation of OU. This
option will be active by default.
But if you want to protect the OU from accidental deletion
later time, use Active Directory Administrative Center and locate your OU. Take the properties of the particular OU from the right pane and check the option as
seen in the below picture:
But if you have a bunch of OU that need to be protected, it
can be done using this PowerShell script.
Firstly, Open Active Directory Module for Windows
PowerShell.
And run the below script to view list of OU that are not
protected from accidental deletion.
Get-ADOrganizationalUnit
-filter * -Properties ProtectedFromAccidentalDeletion | where
{$_.ProtectedFromAccidentalDeletion -eq $false} | ft
The script
will generate a list similar to what you see in below screenshot:
Once you
have detemined the number OU to be protected, run the below script. This will
protect all the OU in the domain from accidental deletion.
Get-ADOrganizationalUnit
-filter * -Properties ProtectedFromAccidentalDeletion | where
{$_.ProtectedFromAccidentalDeletion -eq $false} | Set-ADOrganizationalUnit
-ProtectedFromAccidentalDeletion $true
Now, use below script to check the status of the OUs:
Get-ADOrganizationalUnit
-filter * -Properties ProtectedFromAccidentalDeletion | where
{$_.ProtectedFromAccidentalDeletion} | ft
And see the
output in the screenshot below:
As you see
in the above screenshot, status will be ‘True’, that means all the OU are
protected from accidental deletion.
