Knowledge Base

Creating new AD users in a specific organizational unit

Problem:

You want CodeTwo migration software to create mailbox-enabled users in a specific organizational unit (OU) within your Active Directory.

Solution:

By default, new Active Directory users are put in the Users container (CN=Users). Since CodeTwo Exchange Migration uses the same settings, users created by the program on the target server are also placed there. If you want the program to create new users in a new or some other organizational unit, you first need to configure Active Directory to redirect these users to a specific OU.

Warning

If you have already configured AD to redirect all new users to another container or OU, CodeTwo Exchange Migration will create new users in that container/OU.

Follow the links below to learn more on how to:

How to create a new organizational unit in Active Directory

You can create a new OU by using, for example:

Creating a new OU in Windows PowerShell

Use the following cmdlet to create a new OU in your domain:

New-ADOrganizationalUnit -Name "<name>" -Path "DC=<your domain>,DC=<your top level domain>"

Example: If you want to create a new OU Migrated users on the domain my-domain.com, you need to use the following cmdlet:

New-ADOrganizationalUnit -Name "Migrated users" -Path "DC=my-domain,DC=com"

Creating a new OU in Active Directory Users and Computers snap-in

  1. Go to Control Panel > Administrative Tools and double-click Active Directory Users and Computers.
  2. In the left pane (console tree), right-click the domain name, point to New and click Organizational Unit (Fig. 1.).  

    729-1
    Fig. 1. Creating a new organizational unit in Active Directory Users and Computers.

  3. Enter a unique name for the OU and click OK. This will create a new OU.

Creating a new OU in Active Directory Administrative Center

  1. Go to Control Panel > Administrative Tools and double-click Active Directory Administrative Center.
  2. In the left pane, click the domain name (e.g. my-domain.com).
  3. In the Tasks pane (on the right), click New > Organizational Unit (Fig. 2.).

    729-3
    Fig. 2. Creating a new organizational unit in Active Directory Administrative Center.

  4. In the window that opens, enter a unique name for the OU (Fig. 3.). You can also fill in the Description box or provide some other details.

    729-4
    Fig. 3. Entering the name of the new organizational unit.

  5. Click OK to create this OU.

How to redirect new AD users to a specific OU

If you want every new AD user to be created in a specific OU, open Windows PowerShell and use redirusr command, followed by the distinguished name of the OU:

redirusr "OU=<name>,DC=<your domain>,DC=<your top level domain>"

Example: If you want to use the Migrated users OU, created above, the cmdlet will look as follows:

redirusr "OU=Migrated users,DC=my-domain,DC=com"

You can check the distinguished name of any OU in the Active Directory Users and Computers snap-in. To do so:

  1. Point to View and click Advanced Features.
  2. Right-click the organizational unit folder in the left pane menu and click Properties.
  3. On the Attribute Editor tab, find the distinguishedName attribute (Fig. 4.).

    729-2
    Fig. 4. Locating the distinguishedName attribute for a specific organizational unit.