Solved

Restrict viewing of certain OU's in MMC.

Posted on 2007-03-19
4
934 Views
Last Modified: 2011-10-03
I have Active Directory installed on a Windows 2000 Server.  I have an OU named 'Agents'.  I would like to delegate administration of the 'Agents' OU to a select group of people, who are running Windows XP.  I assume I will need to install the Admin Tools for Windows Server 2003 on those delegates XP stations so they can run the 'Active Directory Users and Computers' snap-in.  I would like to prevent the people who I am delegating administration rights to from seeing any OU's other than the 'Agents' OU.  Please explain how I can accomplish this.

The link below delves into this same topic, but I don't understand the author's solution, specifically when he makes mention of "drilling down and creating a new sheet".

http://search.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_21415128.html?sfQueryTermInfo=1+%22user+comput%22+restrict

0
Comment
Question by:CousinDupree
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 18750393
0
 

Accepted Solution

by:
CousinDupree earned 0 total points
ID: 18773036
I figured it out.  In case anyone else is interested:

[1] Start Microsoft Management Console (Start->Run  Type 'MMC' and press Enter).
[2] Press CTRL-M.  This will open the 'Add/Remove Snap-in' window.
[3] Click 'Add'.  This will open the 'Add Standalone Snap-in' window.
[4] Select the 'Active Directory Users and Computers' snap-in and click on the Add button.  (Admin Tools need to be installed on your machine from AdminPak.msi).  Click 'Close'.
[5] Click OK in the 'Add/Remove Snap-in' window.
[6] In the 'Console Root' window, navigate to the OU in question in the Console Root tree (the left pane).
[7] Right click on the OU and select 'New Window from Here'.  A new window will open and will be named the same as the OU.
[8] Close the original 'Console Root' window.
[9] On the menu across the top of the console, click on File->Options.  Change the Console mode to 'User mode - limited access, single window'.
[10] On the menu across the top of the console, click on View->Customize.  Uncheck 'Standard menus (Action and View)', 'Standard toolbar', and 'Toolbars'.  Click OK.
[11] Click File->Save-As and save the console.

It seems to work for me.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question