Fixes for Windows

Change the default Organizational Unit where machine accounts drop

This is an easy one.

If you want to customize your directory’s default location for newly-joined machine accounts (that do not specify OU where they wish to join), it’s a single 2-part command.

As is the norm with these tasks, launch an Administrative PowerShell and run redircmp OU=Devices,OU=MyDomain,DC=example,DC=tld. If your there are spaces on the address of your LDAP tree, wrap the LDAP string in “”, e.g; redircmp "OU=Awaiting Placement,OU=My Domain,DC=example,DC=tld". Windows is very forgiving with whitespaces but it’s best to be sure. Microsoft is not know for consistency.

Remember, Domain Controllers go into their own thing. Ignore them as much as you can and keep forcing replication (repadmin /syncall). If you change too many things.

Leave a Reply