[ Team LiB ] |
Recipe 5.10 Allowing OUs to Be Created Within Containers5.10.1 ProblemYou want to create an OU within a container. By default, you cannot create OUs within container objects due to restrictions in the Active Directory schema. 5.10.2 Solution5.10.2.1 Using a graphical user interface
5.10.2.2 Using a command-line interfaceCreate an LDIF file called ou_in_container.ldf with the following contents: dn: cn=organizational-unit,cn=schema,cn=configuration,<ForestRootDN> changetype: modify add: possSuperiors possSuperiors: container - then run the ldifde command to import the change: > ldifde -i -f ou_in_container.ldf 5.10.2.3 Using VBScript' This code modifies the schema so that OUs can be created within containers Const ADS_PROPERTY_APPEND = 3 set objRootDSE = GetObject("LDAP://RootDSE") set objOUClass = GetObject("LDAP://cn=organizational-unit," & _ objRootDSE.Get("schemaNamingContext") ) objOUClass.PutEx ADS_PROPERTY_APPEND, "possSuperiors", Array("container") objOUClass.SetInfo 5.10.3 DiscussionAllowing OUs to be created within containers requires a simple modification to the schema. You have to make the container class one of the possible superiors (possSuperiors attribute) for the organizationalUnit class. 5.10.4 See AlsoRecipe 10.1 for using the Schema snap-in and MS KB 224377 (Configuring Different Containers to Hold Organizational Units) |
[ Team LiB ] |