Can't Delete Organizational Unit Even when Protect Object From Accidental Deletion is Disabled

I recently ran into an issue where I did not have the option to delete an Organizational unit. I made sure to uncheck "Protect Object From Accidental Deletion", and I had the appropriate permissions on the security tab.
Attempting to delete from ADSI edit resulted in the error below:

Operation failed. Error code: 0x20ce
The requested delete operation could not be performed. 
000020CW: SvcErrL DSID-0315370F, problem 5003 (WILL_NOT_PERFORM), data 0


The solution was to use redircmp to redirect new PCs to a different OU.

redircmp "OU=Servers,OU=Computers,DC=example,DC=com"

Restart Active Directory Users and Computers, and the delete option should be available for the OU.



Comments

  1. Thanks for posting this. Just had the exact same issue today. I was trying to delete an OU that was an immediate *Child OU* of the OU that newly domain-joined PCs went in to! "Rename" and "Delete" only became visible once I redircmp to a different "sibling" OU of the original destination.

    ReplyDelete

Post a Comment

Popular posts from this blog

FSLogix Troubleshooting guide

Best Practices for Deploying User Profile Disks

Removing Application UAC Requirements with Shims