Solved

Limited acces of active directory from XP machine.

Posted on 2007-11-20
8
591 Views
Last Modified: 2010-08-05
Hello
I want to know how can have limited access of Active Directory from XP Workstation.
I have installed Admin pack on xp machine, but i can see all the objects and users by that.

I want to set limited access.
i want to give one main user access to reset or change the password of one group of members only.

I want to know how can i filter the view of main user by which he will be able to view only one particuler group of users.

Thanks
0
Comment
Question by:kulvinder_10
8 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 250 total points
ID: 20324083
By default, all Authenticated Users have read access to all of Active Directory; this can be modified only after extensive testing, as it can render features like Group Policy unusable.

You can create a limited-view Taskpad for a delegated administrator as follows: http://www.petri.co.il/create_taskpads_for_ad_operations.htm
0
 
LVL 7

Expert Comment

by:mcse2007
ID: 20324087
in AD, place this user in a particular container, right click this container and select DELEGATION.

In delegation, add this particular user, then you can give this user permission to reset password for users.

0
 
LVL 3

Author Comment

by:kulvinder_10
ID: 20324161
MCSE2007
I have tried that too, but it also atleast shows all the servers, computers and other used accounts on the active directory.

I want he will be able to see and modify only one group
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 7

Expert Comment

by:mcse2007
ID: 20324255
there is no way to accomplish your task using just the available features of AD, use can still be able to view the objects though?
0
 
LVL 3

Author Comment

by:kulvinder_10
ID: 20324321
LauraEHunterMVP i wil try your isea in couple of day and let you know

thanks
0
 
LVL 70

Expert Comment

by:KCTS
ID: 20324643
If you delegate control to a group, then you can build and a custom taskpad which only lets the users see the objects and tasks that you deem necessary. See http://www.petri.co.il/create_taskpads_for_ad_operations.htm for an example of how to do this.
0
 
LVL 3

Author Comment

by:kulvinder_10
ID: 20331220

Thanks LauraEHunter
I have tried your idea on my Dummy machines and it seems to be working.

Thanks for your advice..
0
 
LVL 3

Author Closing Comment

by:kulvinder_10
ID: 31410253
Thanks Buddy
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question