Administer Active Directory - MCSA Windows Server 2012 R2: Installation and Configuration Study Guide - page 280

Information Technology Reference

In-Depth Information

As you can see, managing Active Directory objects is generally a simple task. The Active

Directory Users and Computers tool allows you to configure several objects. Let's move on

to look at one more common administration function: moving objects.

Moving, Renaming, and Deleting

Active Directory Objects

One of the extremely useful features of the Active Directory Users and Computers tool is its

ability to move users and resources easily.

Exercise 5.8 walks you through the process of moving Active Directory objects. In this

exercise, you will make several changes to the organization of Active Directory objects. To

complete this exercise, first you must have completed Exercise 5.5.

exercise 5.8

moving Active Directory objects

1.

Click the Windows key on the keyboard and choose Administrative Tools.

2.

Open the Active Directory Users and Computers tool and expand the name of the

domain.

3.

Select the Sales OU (under the New York OU), right-click Workstation1, and select Move.

A dialog box appears. Select the RD OU and click OK to move the Computer object to

that container.

4.

Click the RD OU and verify that Workstation1 was moved.

5.

Close the Active Directory Users and Computers tool.

In addition to moving objects within Active Directory, you can easily rename them by right-

clicking an object and selecting Rename. Note that this option does not apply to all objects.

You can remove objects from Active Directory by right-clicking them and choosing Delete.

Deleting an Active Directory object is an irreversible action. When an

object is destroyed, any security permissions or other settings made for

that object are removed as well. Because each object within Active Direc-

tory contains its own security identifier (SID), simply re-creating an object

with the same name does not place any permissions on it. Before you

delete an Active Directory object, be sure that you will never need it again.

Windows Server 2012 R2 has an Active Directory Recycle Bin to allow an

administrator to retrieve a deleted object, but in case the Recycle Bin gets

cleared, it's better to be safe than sorry. Also, the AD Recycle Bin is dis-

abled by default, so it will be unavailable unless you turn that feature on.

So, what is the moral of this story? Don't delete AD objects unless you are

absolutely sure you want them gone.

Next Page

MCSA Windows Server 2012 R2: Installation and Configuration Study Guide

Search WWH ::

Custom Search

Home