I have allocated the following rights to a user group to the parent OU:
Allow Create/delete computer object
Allow Read
Allow Write all properties.
Now this allows them to move computer objects around like I expected. However when they go to move the computer object a second time they don't have rights to do so.
Am I missing anything?
Best Answer
Not knowing your OU structure I would advise you to check these things:
Also, IIRC the user that moves the object should have "delete" permission in the current OU.