Windows Server 2019 - Active Directory Setup#

Organizing Objects with Organization Units (OU)#

The main task for Active Directory is to group objects such as users, groups, contacts, computers, printers, and shared folders into Organization Units (OU) and manage access rights for each object.

Organization Unit Structure#

• Organization Unit: Main unit for grouping objects.
• Sub-OU: Sub-unit within an Organization Unit.
• Group: Group of objects (e.g., Users).

User Account Management#

Begin by mapping the company structure in units, sub-units, and groups within Active Directory.

1. Create Organization Units:
   • When creating an OU, consider protecting it from accidental deletion. If protection is enabled, PowerShell commands are required to remove it.
   • Example PowerShell command to remove protection and delete an OU:

     1
     Get-ADOrganizationalUnit -Identity 'OU=Cloud,OU=INSTAR_Shenzhen,OU=INSTAR,DC=instar,DC=local' | Set-ADObject -ProtectedFromAccidentalDeletion:$false -PassThru | Remove-ADOrganizationalUnit -Confirm:$false
     

2. Finish the hierarchy by adding groups and users to map structures based on offices, projects, etc.

This setup allows for efficient organization and management of objects within Active Directory.