I'm wondering how you go about delegating Active Directory to your administrators. Surely, you do not want every Network Administrators to have access to everything in AD at their workstations. I have several people that aren't that responsible so giving them access to AD is a bit risky. I'm thinking of giving only certain priviledges like adminitrating account, shared folders, and printers.
Is there a way to control AD in workstations? Thanks, again.