Category Archives: active directory

Active Directory – OU is protected from accidental deletion

By default, an Organizational Unit is protected from accidental deletion upon creation. In order to delete the OU, you can edit the OU’s properties by Right-Clicking on the OU and selecting ‘Properties’. From here, we have two ways of doing this:

1. Select the ‘Object’ tab and un-check “Protect object from accidental deletion”.

 

2. As an alternative, what un-checking this tab really does behind the scenes is remove the group ‘Everyone’ to the Security tab, without any permissions defined. If we remove the group ‘Everyone’ from the Security tab, this also allows the deletion of the OU as well. To revert these settings, we can re-check “Protect object from accidental deletion”.