Creating Organizational Units with Powershell
Full-Access Members Only
Sorry, this lesson is only available to Server Academy Full-Access members. Become a Full-Access member now and get instant access to this and many more premium courses. Click the button below and get instant access now.
Instructions
Q&A (0)
Notes (0)
Resources (0)
Saving Progress...
Resources
There are no resources for this lesson.
Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.
In this lecture, we are going to learn how to create Active Directory Organizational Units with Windows PowerShell.
Now, first just a quick reminder. The way you would do it using the Graphical User Interface is by clicking Tools here in the upper right-hand corner of Server Manager and selecting Active Directory Users and Computers.
Then we select the desired location and choose New > Organizational Unit.
And we make some kind of name like Test123 and you can uncheck Protect container from accidental deletion and click OK.
And there is our Organizational Unit Test123 and it has been created under instructorpaul.com.
So, we are going to learn how to do this in PowerShell.
I am going to go ahead and delete that Organizational Unit and launch PowerShell as Administrator.
Click Yes on the User Account Control window.
First, before we create the Organizational Unit let’s learn how to list or get our Organizational Units.
We are going to type Get-ADOrganizationalUnit and press Enter.
What it did right there is that it Imported the Active Directory module for us.
Now is asking us to type in a Filter. We are just going to type in a * and press Enter.
It has output every single Organizational Unit that it is inside of our Active Directory.
This is not a human-readable format or an easy-to-understand output since it is kind of split up. You can work with it if you wanted to but what we are going to do is format this in a table format with the command Get-ADOrganizationalUnit | Format-Table and choose what objects we want to include.
I am going to include the following Get-ADOrganizationalUnit | Format-Table Name, DistinguishedName, and press Enter. For the Filter, I will enter a * and press Enter.
Now, this is much easier to see the display of results.
So, one thing that we can also do to make our lives a little bit easier is to use the following command: Get-ADOrganizationalUnit -filter “*” | Format-Table Name, DistinguishedName and press Enter.
So, we are saying get every Organizational Unit immediately.
So, what we are doing is streamline and make it faster so we don’t have to enter the second input as at the command prompt.
Now, let’s talk about, how do you search for a specific Organizational Unit?
Let’s say for example, how do you find all the Organizational Units that are directly beneath the InstructorPaul Organizational Unit?
And, The way you can do that is by typing: Get-ADOrganizationalUnit -filter “*” -SearchBase “OU=InstructorPaul,DC=instructorpaul,DC=com” | Format-Table Name, DistinguishedName and press Enter.
This is going to list every Organizational Unit under InstructorPaul.
Now, it is important to keep in mind that this is getting every Organizational Unit under InstructorPaul and there’s a couple of nested OUs under this.
So, if I just want to grab the first level or every Organizational Unit that is directly beneath InstructorPaul I can do that by adding yet another argument like the following: Get-ADOrganizationalUnit -filter “*” -SearchBase “OU=InstructorPaul,DC=instructorpaul,DC=com” -SearchScope OneLevel | Format-Table Name, DistinguishedName, and press Enter.
This gets the first level Organizational Units right under InstructorPaul.
Now, if I open Active Directory Users and Computers and expand instructorpaul.com > InstructorPaul I can see I have Domain Users, Domain Workstations, and member Servers.
And in this last PowerShell command prompt, I also have Domain Users, Domain Workstations, and member Servers.
OK, let’s say we want to create a new Organizational Unit under the InstructorPaul OU.
You can do that by just simply typing New-ADOrganizationalUnit -Name “Test123” and pressing Enter.
Now, by default, it will go under the root of our directory so if I refresh the Active Directory Users and Computers I now have Test123 which was created a second ago.
Server Academy Members Only
Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.