I have Active Directory installed on a Windows 2000 Server. I have an OU named 'Agents'. I would like to delegate administration of the 'Agents' OU to a select group of people, who are running Windows XP. I assume I will need to install the Admin Tools for Windows Server 2003 on those delegates XP stations so they can run the 'Active Directory Users and Computers' snap-in. I would like to prevent the people who I am delegating administration rights to from seeing any OU's other than the 'Agents' OU. Please explain how I can accomplish this.
The link below delves into this same topic, but I don't understand the author's solution, specifically when he makes mention of "drilling down and creating a new sheet".