Re: Exception OU in Delegated Environment

From: "Paul Williams [MVP]" <ptw2001@xxxxxxxxxxx>
Date: Mon, 25 Sep 2006 21:40:41 +0100

The behaviour is expected. You have delete child permission on the parent
object, therefore you can delete children. If you don't want people to
delete OUs, remove the delete permission from the parent.

Note. This will hamper your ability to move objects, as a move requires
delete and create as well as modify RDN.

Note also that a rename is effectively a move.

The only way round this that springs to mind is to use a custom app for
renaming and managing the OUs and their children. You can force that to not
allow delete operations, only renames.

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net

.

References:
- Exception OU in Delegated Environment
  - From: Tim Chin

Prev by Date: Re: 2 sites 2 domain controllers and DSL connectivity, How to do it.
Next by Date: Re: Block sites using GP
Previous by thread: Exception OU in Delegated Environment
Next by thread: 2 sites 2 domain controllers and DSL connectivity, How to do it.
Index(es):
- Date
- Thread

Relevant Pages

Re: 2.6.4-rc1 oops on HPFS filesystem file rename
... and cross-directory rename(), of all things. ... update directory entry in the parent, so it gets the parent inode and locks ... then grab rwsem on parentfor writing. ... Order among semaphores and among rwsems, ...
(Linux-Kernel)
Re: [PATCH 12/25] sysfs: Introduce sysfs_rename_mutex
... If the parent directory of the object we are renaming ... changes while the rename is being performed nasty things could ... happen when we go to release our locks. ... Very few code paths actually seem to care. ...
(Linux-Kernel)
Re: Rename Parent worksheet.name?
... The Parent of a Worksheet is a Workbook, and a Workbook cannot be renamed. ... but I can not seem to rename the parent name. ...
(microsoft.public.excel.programming)
Re: How to create a duplicate (not sub) class.
... then classloc would point to the orignial.vcx and would ... Let 's say you have a original.vcx with classes parent and child, ... If you now rename a ...
(microsoft.public.fox.programmer.exchange)
Re: ODS5 and hardlinks
... IIRC ODS-2 maintains up-pointers in each file header to each file's/directory's parent - but of course it has room for only one such. ... The file name field in the file header (which IIRC is updated on RENAME operations to the original parent) is in the same boat when it comes to having multiple parents, but I think may always have been defined as being merely informational in nature rather than being used by the system in any manner - save perhaps that the combination of the two fields could be used to determine whether a RENAME was being applied to the original parent entry and hence whether the name should be updated. ...
(comp.os.vms)