Solved

Limited acces of active directory from XP machine.

Posted on 2007-11-20
8
592 Views
Last Modified: 2010-08-05
Hello
I want to know how can have limited access of Active Directory from XP Workstation.
I have installed Admin pack on xp machine, but i can see all the objects and users by that.

I want to set limited access.
i want to give one main user access to reset or change the password of one group of members only.

I want to know how can i filter the view of main user by which he will be able to view only one particuler group of users.

Thanks
0
Comment
Question by:kulvinder_10
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 250 total points
ID: 20324083
By default, all Authenticated Users have read access to all of Active Directory; this can be modified only after extensive testing, as it can render features like Group Policy unusable.

You can create a limited-view Taskpad for a delegated administrator as follows: http://www.petri.co.il/create_taskpads_for_ad_operations.htm
0
 
LVL 7

Expert Comment

by:mcse2007
ID: 20324087
in AD, place this user in a particular container, right click this container and select DELEGATION.

In delegation, add this particular user, then you can give this user permission to reset password for users.

0
 
LVL 3

Author Comment

by:kulvinder_10
ID: 20324161
MCSE2007
I have tried that too, but it also atleast shows all the servers, computers and other used accounts on the active directory.

I want he will be able to see and modify only one group
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Expert Comment

by:mcse2007
ID: 20324255
there is no way to accomplish your task using just the available features of AD, use can still be able to view the objects though?
0
 
LVL 3

Author Comment

by:kulvinder_10
ID: 20324321
LauraEHunterMVP i wil try your isea in couple of day and let you know

thanks
0
 
LVL 70

Expert Comment

by:KCTS
ID: 20324643
If you delegate control to a group, then you can build and a custom taskpad which only lets the users see the objects and tasks that you deem necessary. See http://www.petri.co.il/create_taskpads_for_ad_operations.htm for an example of how to do this.
0
 
LVL 3

Author Comment

by:kulvinder_10
ID: 20331220

Thanks LauraEHunter
I have tried your idea on my Dummy machines and it seems to be working.

Thanks for your advice..
0
 
LVL 3

Author Closing Comment

by:kulvinder_10
ID: 31410253
Thanks Buddy
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How are passwords stored in Active Directory 25 137
Extend AD Schema to 2008 R2 after domain upgrade. 5 48
2008 R2 time server is invalid 6 33
MFA in Azure for a hybrid org 2 36
In-place Upgrading Dirsync to Azure AD Connect
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question