It's because Authenticated Users don’t have read permissions on those OUs. Add the computer object to the AllUsers@ group, restart the server and try again… or add the computer itself to the company OU security permissions.
Hi, it worked, added the computer to the AllUser@group.
But I can still view the full AD. For example, if I log on to the computer and want to share a folder, I can search the AD and select/view all users/groups.
Can this be stopped?
Yes. You have to enable List Object Mode in Active Directory:
https://technet.microsoft.com/en-us/library/cc546864.aspx?f=255&MSPPError=-2147217396
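One way to turn List Object Mode on from PowerShell, as an added example that is not part of the original thread: the mode is controlled by the third character of the dSHeuristics attribute on the forest's Directory Service object, and the script keeps every other character of an existing value. The helper name Get-ListObjectHeuristics is hypothetical, and the script assumes the ActiveDirectory (RSAT) module and rights to modify the Configuration partition.

```powershell
# Added example, not from the thread. Assumes the ActiveDirectory module (RSAT)
# and rights to write to the Configuration partition.
Import-Module ActiveDirectory

# Hypothetical helper: return a dSHeuristics string with character 3
# (fDoListObject) set to '1', leaving all other positions untouched.
function Get-ListObjectHeuristics {
    param([string]$Current)
    # dSHeuristics is positional. An unset or short value is padded with '0',
    # which is the default for the positions being filled in.
    $value = if ($Current) { $Current } else { '' }
    $chars = $value.PadRight(3, '0').ToCharArray()
    $chars[2] = '1'
    return -join $chars
}

# Locate the forest-wide Directory Service object in the Configuration partition.
$configNC = (Get-ADRootDSE).configurationNamingContext
$dn       = "CN=Directory Service,CN=Windows NT,CN=Services,$configNC"

$obj = Get-ADObject -Identity $dn -Properties dSHeuristics
$old = $obj.dSHeuristics
$new = Get-ListObjectHeuristics -Current $old

if ($old -eq $new) {
    Write-Output "List Object Mode is already enabled (dSHeuristics = '$old')."
} else {
    Write-Output "dSHeuristics: '$old' -> '$new'"
    # -WhatIf only reports the change; remove it to apply.
    Set-ADObject -Identity $dn -Replace @{ dSHeuristics = $new } -WhatIf
}
```

The setting is forest-wide, and it changes nothing visible until the List Contents and List Object permissions on the OUs are adjusted.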
Hello Jacob,
We have hosted Active Directory and we want to block customers from seeing each other. We have enabled List Object Mode, but when I remove List Content from the parent OU and List Object from the child OU I am able to hide OUs from users; I mean, if they open RSAT they will not be able to see the OUs. The problem here is that if they look up the users in Find or PowerShell they will be able to see them. One way is to remove the List Content permissions from the child OU. If I do that, and both “List object” and “List contents” are removed from a child OU whose parent OU has “List contents” removed, I run the risk of denying applications that rely on user accounts in an AD DS environment the ability to look up information in the domain. Is there a way to block users from seeing each other in Find? There must be a way to do this.
Thank you in advance