Sure, the Group Policy Management Console Scripts released with GPMC or as a separate download has the nice scripts called CreateXMLFromEnvironment.wsf and CreateEnvironmentFromXML.wsf export and import OU/groups/GPOs between domains. But these scripts export and import much more than just the OU structure (groups, GPOs etc) and in some migration scenarios you might want to migrate/copy just the OU-structure. Here’s how you can do this using Powershell.
Make sure you have the Active Directory module for Windows PowerShell installed and run it from Start -> Administrative Tools -> Active Directory PowerShell.
$oucsv = ‘c:\export\OUexport.csv’
Get-ADOrganizationalUnit -Filter * | export-csv $oucsv
You might want to get only from a certain base OU?
Get-ADOrganizationalUnit -Filter * -SearchBase ‘OU=test-OU,DC=ad,DC=local’ | export-csv $oucsv
Nice, so now you have a CSV-file with the structure. Here’s how to re-create them in the other domain:
$OldDom = ‘DC=ad,DC=local’
$NewDom = ‘DC=newdomain,DC=local’
$oucsv = ‘c:\export\OUexport.csv’$success = 0
$failed = 0$oulist = Import-Csv $oucsv
$oulist | foreach {
$outemp = $_.Distinguishedname -replace $OldDom,$NewDom
#need to split ouTemp and lose the first item
$ousplit = $outemp -split ‘,’,2
$outemp
Try {
$newOU = New-ADOrganizationalUnit -name $_.Name -path $ousplit[1] -EA stop
Write-Host “Successfully created OU: $_.Name”
$success++
}
Catch {
Write-host “ERROR creating OU: $outemp” #$error[0].exception.message”
$failed++
}
Finally {
echo “”
}}
Write-host “Created $success OUs with $failed errors”
Thanks to uSlackr for the details.
This is great.
I would like to copy a particular OU structure of an OU and its sub-OU’s in a 2003 Server Domain.
I would like to copy them to a 2008 DC in a separate forest (there is a transitive trust established) under another OU.
2003.local
————>Finance (OU)
——————–>Finance Pros (OU)
——————–>Finance Newbies (OU)
2008.local
————>Money (New OU)
——————>Finance (copied OU)
————————–>Finance Pros (copied OU)
————————–>Finance Newbies (copied OU)
Could you please help?
Do you have the possibility to run Active Directory cmdlets in the 2003 forest? If not, you could also use ldifde to export and import.
If you need to add a sub-OU “before” I would simply open the CSV file in Notepad++ and use some kind of Macro to add OU=Money before importing. Or manually if you don’t have that many OU:s to add.
Thanks for the ideas and code. Now I understand how to do this and it saved me hours of time because I dont have to do this manually anymore.
Thx for the script, was trying to do it myself with no luck. Anyway, i had to change a line, as split wouldn’t work as expected:
$ousplit = $outemp -split ‘,’,2
to
$ousplit = $outemp.split(“,”,2) |select -last 1
and then
$newOU = New-ADOrganizationalUnit -name $_.Name -path $ousplit[1] -EA stop
to
$newOU = New-ADOrganizationalUnit -name $_.Name -path $ousplit -EA stop
Very helpful. Thanks!
What if I have a template OU structure pre-setup with ACL’s using TMP groups (temporary groups) that get copied with a Powershell Script in on Child Domain and I want to mimic this setup in a second Child Domain without having to re-create all of the child groups and ACLs by hand?