Sign in with
Sign up | Sign in
Closed

I Am Unable to Delete an OU from Windows Server 2012 Domain Controller

This Tutorial addresses:
  • Windows Server
  • Domain Controller
  • Active Directory
In Windows Server 2008 (all versions and flavors) and Windows Server 2012 (all versions and flavors), Microsoft has added an additional security restriction with the help of which the Active Directory objects cannot be deleted under normal circumstances. The objects are protected against the accidental deletion, and the feature that turns this security measure on or off is controlled with the help of a checkbox. The checkbox is by default hidden, and can only become visible when the Advanced Features option under the View menu enabled.

While enabling the Advanced Features option, you must make sure that you turn the feature off again as soon as you have removed the unwanted Active Directory object from the domain controller. Since the feature that provides protection against accidental deletion is object specific, you are required to disable the feature for each and every Active Directory object individually that you want to delete.

For example, if you want to remove OU-01 from the Active Directory domain controller, you must disable the protection on that particular OU. Likewise, if you want to remove OU-02, you must disable the protection on the second OU as well.

The protection against accidental deletion is not only enabled for Organizational Units, but for almost every Active Directory object.

Here’s how you can delete an OU (or any other Active Directory object) from the Windows Server 2012 Active Directory domain controller:

  1. Log on to the target Windows Server 2012 Active Directory domain controller with either Enterprise Admin or Domain Admin account.

  2. If not already started, initialize the Server Manager window from the bottom left corner of the screen.

  3. On the opened Server Manager window, go to Tools from the menu bar.

  4. From the displayed list, go to Active Directory Users and Computers.



  5. On the opened Active Directory Users and Computers snap-in, go to View from the menu bar.

  6. From the displayed list, click Advanced Features to enable the option.



  7. Once the Advanced Features are enabled, right-click the target OU that you want to delete.

  8. From the displayed context menu, go to Properties.



  9. On the opened object’s properties box, go to the Object tab.

  10. On the displayed interface, uncheck the Protect object from accidental deletion checkbox.



  11. Once done, click OK to save the modified settings.

  12. Right-click the OU, and from the context menu, click Delete.

  13. On the displayed confirmation box, click Yes to provide your consent to confirm the deletion process.

    Can't find your answer ? Ask !