Solved

Limited acces of active directory from XP machine.

Posted on 2007-11-20
8
593 Views
Last Modified: 2010-08-05
Hello
I want to know how can have limited access of Active Directory from XP Workstation.
I have installed Admin pack on xp machine, but i can see all the objects and users by that.

I want to set limited access.
i want to give one main user access to reset or change the password of one group of members only.

I want to know how can i filter the view of main user by which he will be able to view only one particuler group of users.

Thanks
0
Comment
Question by:kulvinder_10
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 250 total points
ID: 20324083
By default, all Authenticated Users have read access to all of Active Directory; this can be modified only after extensive testing, as it can render features like Group Policy unusable.

You can create a limited-view Taskpad for a delegated administrator as follows: http://www.petri.co.il/create_taskpads_for_ad_operations.htm
0
 
LVL 7

Expert Comment

by:mcse2007
ID: 20324087
in AD, place this user in a particular container, right click this container and select DELEGATION.

In delegation, add this particular user, then you can give this user permission to reset password for users.

0
 
LVL 3

Author Comment

by:kulvinder_10
ID: 20324161
MCSE2007
I have tried that too, but it also atleast shows all the servers, computers and other used accounts on the active directory.

I want he will be able to see and modify only one group
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 7

Expert Comment

by:mcse2007
ID: 20324255
there is no way to accomplish your task using just the available features of AD, use can still be able to view the objects though?
0
 
LVL 3

Author Comment

by:kulvinder_10
ID: 20324321
LauraEHunterMVP i wil try your isea in couple of day and let you know

thanks
0
 
LVL 70

Expert Comment

by:KCTS
ID: 20324643
If you delegate control to a group, then you can build and a custom taskpad which only lets the users see the objects and tasks that you deem necessary. See http://www.petri.co.il/create_taskpads_for_ad_operations.htm for an example of how to do this.
0
 
LVL 3

Author Comment

by:kulvinder_10
ID: 20331220

Thanks LauraEHunter
I have tried your idea on my Dummy machines and it seems to be working.

Thanks for your advice..
0
 
LVL 3

Author Closing Comment

by:kulvinder_10
ID: 31410253
Thanks Buddy
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EXCHANGE 2010, EXCHANGE 2013 4 69
ADFS: AADSTS50107: Requested federation realm object 8 119
List of Active Users in AD 5 64
Compatibility view list registry key 1 47
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question