How do you undo a delegation made with the delegation of control wizard at an OU

Posted on 2007-11-29
Medium Priority
Last Modified: 2008-05-30
I went through the wizard at a low level OU, for experimental sake, added a single harmless right (read user info) to a generic security group (which contains only a very few people who are already domain admins), and then hit finished.  

I have since been unable to figure out how to undo that action?  I KNOW this was a harmless thing and it can be left as it is, without harm.  However, if this was a bad mistake, or some other crazy reason I wanted to, how could I undo it.
Question by:ksuchy
1 Comment
LVL 86

Accepted Solution

oBdA earned 2000 total points
ID: 20376515
In the ADUC's View menu, select "Advanced". Open the properties of the OU on which you delegated the permissions, and you'll find the "Permissions" tab just like in NTFS. Remove the group you've added.

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Sometimes it necessary to set special permissions on user objects.  For instance when using a Blackberry server, the SendAs permission needs to be set. I see many admins struggle with the setting that permission only to see it disappear within a few…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question