There are times you will want to move a computer or user object to a new OU in order to allow the security (GPO) policies to apply to them. In my case, I will be moving the AnsibleServer to a different OU in order to apply the DriveLock policy to it. This will ensure DriveLock Agents are automatically deployed to the computers.
Method 1: I will be demonstrating these steps using Active Directory Users and Computer Console.
– Launch the Active Directory User and Computer Tool as shown below
– Navigate to the desired OU and
– Move the computer object from the Computer default container to EmployeePC OU as shown below
You will be prompted with a waring window as shown above,
– Select “Yes” acknowledging that you are okay with policies being altered.
Method 2: The first method I discussed above can be a bit risky as you can easily move an object into a wrong OU. So I prefer using this method below.
– Navigate to the OU (computer container) where the computer you wish to move is.
– Right-click on the computer object you wish to move
– Click on move
This will open the move object into container window as shown below
– Select the desired OU you wish to move the object into
Now when you click on the EmployeePC OU, the computer object will be available in the OU.
Note: The same principles applies to moving a user object as well.
Method 1: Moving User object in Active Directory.
– Just move the user object into the right container and
– Click on Yes to accept the security warning
Method 2: Right-click on the user object and move it to the desired OU as shown below. This is the recommended method.