Wednesday, January 20, 2016

Prevent Objects from being Accidentally Deleted in Active Directory

Once you have gone through all the effort of designing and implementing your Active Directory structure you may wish to lock down some of your Active Directory objects to prevent them from being accidentally deleted or moved. Organisation Units (OUs) are locked down by default however you may also want to do this to your domain controllers and important servers.

To do this, start Active Directory Users and Computers and make sure you have Advanced Features selected in your management console.


Then find the object you want to protect, right-click on it and select Properties. If you've selected Advanced Features in your Active Directory Users and Computers console, you should now see an Object tab. Select Protect object from accidental deletion and then you're done.


In our Unit34.co domain, we did this for our domain controllers and our Hyper-V server Carbon.Unit34.co.

No comments:

Post a Comment