5.5 Deleting an OU
You want to delete an OU and all objects in it.
22.214.171.124 Using a graphical user interface
126.96.36.199 Using a command-line interface
To delete an OU and all objects contained within, use the -subtree option with the dsrm command. If you don't use -subtree and the object you are trying to delete has child objects, the deletion will fail.> dsrm "<OrgUnitDN>" -subtree
188.8.131.52 Using VBScript' This code deletes an OU and all child objects of the OU set objOU = GetObject("LDAP://<OrgUnitDN>") objOU.DeleteObject(0)
Deleting OUs that do not contain objects is just like deleting any other type of object. Deleting an OU that contains objects requires a special type of delete operation. The "Tree Delete" LDAP control (OID: 1.2.840.1135184.108.40.2065) must be used by the application or script to inform AD to delete everything contained in the OU. All three solutions in this case use the control "under the covers," but if you were going to perform the operation via an LDAP, such as LDP, you would need to enable the control first.
5.5.4 See Also
Recipe 4.3 for using LDAP controls and MSDN: IADsDeleteOps::DeleteObject