Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Active Directory delegation

Status
Not open for further replies.
said07

said07

IS-IT--Management
May 3, 2004
168
US
We upgraded to Windows Server 2008 r2 and I would like to delegate to an intern some tasks in Active Directory like creating/deleting computer accounts, creating/deleting/resetting users accounts.
Is there a good document that shows how to go through the delegation setup? we did it in 2003 and it wasn't the easiest task.
Thanks,

Said
 
Sort by date Sort by votes
I just remembered that we also created an mmc on the user's pc to access the Active Directory instead of logging onto the server.
That would be the scenario I am looking to implement.
Thanks for the input.
 
Upvote 0 Downvote

This is a link for a pictured walk-through of creating a user and a user template for if your creating numerous out of the same type. Once you know how to create the account, modifying and deleting are simple and straightforward.



"Silence is golden, duct tape is silver...
 
Upvote 0 Downvote
DrBob, I am looking for creating delegation and an mmc to allow an intern to help managing some of the active directory. Thanks
 
Upvote 0 Downvote
Sorry to hear about that. I will check the links out. Thanks again
 
Upvote 0 Downvote
If you already did it in 2003 then the permissions should still be present after going to 2008 R2. All you would need is to install the Remote Server Admin Tools (RSAT) on his PC, or just the ADUC component. If all he's doing is modifying accounts he can probably continue to use the existing MMC on his PC. Though he wouldn't be able to see any of the new properties/pages that come with the new version of ADUC, it sounds like he probably wouldn't need them if he's only doing basic account management.

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCSE:Security 2003
MCITP:Server Administrator
MCITP:Enterprise Administrator
MCITP:Virtualization Administrator 2008 R2
Certified Quest vWorkspace Administrator
 
Upvote 0 Downvote
kmcferrin, when I said "I just remembered that we also created an mmc on the user's pc to access the Active Directory" I wasn't very clear. we had done this for a user in my eng group, not for this intern. And the eng user has long left the comapny.
The links provided by DrBob above show clearly how to go about the delegation. I am still trying to find out how we did the mmc. It was neat because all the eng user could see was the OU we delegated. I have not had a chance to play yet with Remote Server Admin Tools. Thanks.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

julis2103
  • Locked
  • Question
Active Directory
Replies
0
Views
86
julis2103
julis2103
goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
335
goombawaho
goombawaho
geneg28
  • Locked
  • Question
Active Directory and Linux Servers
Replies
0
Views
82
geneg28
geneg28
axilleas
  • Locked
  • Question
Windows 2012 R2 Active directory problem after applying GPO
Replies
7
Views
146
technome
technome
mkrausnick
  • Locked
  • Question
Can't write to folder even though Active Directory effective permissions shows full control
Replies
1
Views
88
mkrausnick
mkrausnick

Part and Inventory Search

Sponsor

Back
Top