I installed Unity5 in a child domain. When running the permissions wizard it applied 2 permissions to the Deleted Objects OU (hidden in AD) at the child domain level, but showed a failure when it attempted to apply the same permissions to the parent domain Deleted Objects.
This makes sense since our install account only had local domain admin rights.
Does this permission matter since we are only dealing with objects in the child domain and no other Unity servers or users exist in other parts of AD?
All other permissions went ok and server is operational with no errors. Unity is importing AD accounts only and has no AD admin rights