When you join a computer to the Active Directory domain or create a user, all these objects will be placed in default containers – Computers and Users. In order to place your new objects to relevant OUs with proper group policies you need to change their default location. This tutorial will show you how to do that.

Modification the default location for new user and computer objects is possible in Windows Server 2003 and above. And you need to have a user account with domain admin rights and perform commands directly from the server not from a management workstation.

By default design, new computers are stored in Computers container and new users in the Users container because containers can’t have policies linked, so even if there is a problem with AD because of GPOs there should be a possibility to join a device and sign in to it without group policies.

Modifying the Default Location for User and Computer Objects

First, we need to create or decide the OUs to which we want to redirect. One for computers another for users. In our example it will be Employees and Workstations. For this purpose, Microsoft created redirusr.exe and redircmp.exe which are located in %SystemRoot%\System32 folder.

Run Command Prompt (cmd.exe) as administrator, run the following commands, replacing the values for your environment:

redirusr.exe "OU=Employees,DC=office,DC=local"
redircmp.exe "OU=Workstations,DC=office,DC=local"

If you need to revert these settings back, then type the following:

redirusr.exe "CN=Users,DC=office,DC=local"
redircmp.exe "CN=Computers,DC=office,DC=local"

Now all your new users and computers will automatically join organizational units instead of default containers.