?
Solved

Restrict viewing of certain OU's in MMC.

Posted on 2007-03-19
4
Medium Priority
?
955 Views
Last Modified: 2011-10-03
I have Active Directory installed on a Windows 2000 Server.  I have an OU named 'Agents'.  I would like to delegate administration of the 'Agents' OU to a select group of people, who are running Windows XP.  I assume I will need to install the Admin Tools for Windows Server 2003 on those delegates XP stations so they can run the 'Active Directory Users and Computers' snap-in.  I would like to prevent the people who I am delegating administration rights to from seeing any OU's other than the 'Agents' OU.  Please explain how I can accomplish this.

The link below delves into this same topic, but I don't understand the author's solution, specifically when he makes mention of "drilling down and creating a new sheet".

http://search.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_21415128.html?sfQueryTermInfo=1+%22user+comput%22+restrict

0
Comment
Question by:CousinDupree
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 18750393
0
 

Accepted Solution

by:
CousinDupree earned 0 total points
ID: 18773036
I figured it out.  In case anyone else is interested:

[1] Start Microsoft Management Console (Start->Run  Type 'MMC' and press Enter).
[2] Press CTRL-M.  This will open the 'Add/Remove Snap-in' window.
[3] Click 'Add'.  This will open the 'Add Standalone Snap-in' window.
[4] Select the 'Active Directory Users and Computers' snap-in and click on the Add button.  (Admin Tools need to be installed on your machine from AdminPak.msi).  Click 'Close'.
[5] Click OK in the 'Add/Remove Snap-in' window.
[6] In the 'Console Root' window, navigate to the OU in question in the Console Root tree (the left pane).
[7] Right click on the OU and select 'New Window from Here'.  A new window will open and will be named the same as the OU.
[8] Close the original 'Console Root' window.
[9] On the menu across the top of the console, click on File->Options.  Change the Console mode to 'User mode - limited access, single window'.
[10] On the menu across the top of the console, click on View->Customize.  Uncheck 'Standard menus (Action and View)', 'Standard toolbar', and 'Toolbars'.  Click OK.
[11] Click File->Save-As and save the console.

It seems to work for me.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses
Course of the Month14 days, 22 hours left to enroll

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question