I hope someone can help me with this. I am located in LA and we have a office in Boston, we are using AD with a win2k domain and a win 2003 AD servers both are domains. I am using AD on win2k server, the boston OU is in our domain. What i need to do is give a certain user over there local admin rights to each machine which contians 30 machines. then remove them after we get done on each machine what needs to be done. how do i do this for their OU?