Moving domain controller servers to different OU's

[Richard]

Is it ok to move domain controller servers in different
OU's within a domain?

 

[Simon Geary]

You can't have OU's without a domain so I'm not exactly sure what you mean.
In general terms, moving DC's between OU's is not a problem.

 

[Herb Martin]

[Sorry my prior message got away from me before I was finished]

Is it ok to move domain controller servers in different
OU's within a domain?

It is possible but my experience is it doesn't work correctly,
even if you move the DCs so child-OUs within the DC-OU
(so that DC Default Policy still applies).

I have heard some sort of rumor about a KB article but have
never seen it -- my experience is they just don't like it.

 

[Matjaz Ladava [MVP]]

It should work, and the only problem would be the change in Security Policy
and GPO's that are linked to Domain Controller OU. If you link Domain
Controller GPO to that (new) OU and move DC it should work. You could also
create a new GPO for that OU which would mirror Default Domain Controller
GPO.

--
Regards

Matjaz Ladava, MCSE (NT4 & 2000), Windows MVP
(e-mail address removed)
http://ladava.com

 

[Joe Richards [MVP]]

My response to this is it is generally discouraged and if you do proceed, proceed at your own risk. There are poorly
written applications out there that could fail (both third party and MS) so just test everything you want to use prior
to doing this in production.

 

[Herb Martin]

My domain was flakey even when the DCs were in child OUs
of the DC-OU.

My response to this is it is generally discouraged and if you do proceed,

proceed at your own risk. There are poorly

written applications out there that could fail (both third party and MS)

so just test everything you want to use prior