I’ll be doing a lot off PowerShell scripting to help you on your way for a more secure Windows environment. This one is a quick win!
Don’t you love those administrators that drag and drop your OU structure which contains all the directors to where they don’t belong and GPO’s are messing things up badly for them. All because they fell asleep on their left mouse button while in dsa.msc. This is probably one off the oldest dilemma’s about Active Directory administration and it has been blogged about a lot.
In this post I’ll just provide you with a quick PowerShell script to disable this functionality.
Import-Module ActiveDirectory -ea silentlycontinue
$DN = (Get-ADDomain).DistinguishedName
Set-ADObject "CN=DisplaySpecifiers,CN=Configuration,$DN" -add @{flags="1"}
Saves you some clicking indeed!