An Organizational unit is a container in active directory domain environment that can contain domain users domain groups domain controllers published folders client computers etc. When active directory services are installed on a Windows server 2003 computer to promote it as a domain controller by default one Organizational unit is created which is Domain Controllers. This Organizational unit contains all the domain controllers of the forest and/or domain. Whenever a new domain controller is promoted its account is automatically created in Domain Controllers Organizational unit. The main difference between a simple container (for example Users container in the domain) and an Organizational unit in a domain is that in an Organizational unit you can link group policy objects in order to make the tasks easier for the users and to limit their permissions at the same time. You can create a new Organizational unit by following the steps given below:
- Log on to the domain controller with administrator privileges.
- Click on Start button.
- From the start menu go to Administrative Tools and from the submenu click on Active Directory Users and Computers.
- From Active Directory Users and Computers snap-in right click on the domain name which in this case is TESTDOMAIN.COM.
- From the context menu go to New and from the submenu click on Organizational Unit.
- On the New Object-Organizational Unit page type the name of the new Organizational unit that you want to create and click on Ok button to create the OU.