AD Deleqation control

Greetings:
I have given some users limit permissions using AD delegation control to manage their users at their departments ,when i tried to login to the DC using the username and password for the delegator i couldn't, so do i need to do anything more than give him permissions through delegation control and adding them to the remote disktop  users??
salman_sulaiman_2008Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
AmericomConnect With a Mentor Commented:
Here's the Computer GPO you can create from Windows Settings-->Scripts-->Startup

Scrtip Name: \\DomainName\ShareName\adminpak.msi   (where ever you keep your software installs)

Script Parameters: ADDLOCAL=FeADTools /qn

You may even want to customize a ADCU MSC so that those admins can only see their delgation etc....and copy the customized MSC to their desktop upon logon...
0
 
JoWickermanCommented:
Hi salman_sulaiman_2008,

You can use this interesting article as reference:

http://www.windowsecurity.com/articles/Implementing-Active-Directory-Delegation-Administration.html

Hope it's what you're looking for.

Cheers.
0
 
AmericomConnect With a Mentor Commented:
Why have them login to the DC? That's not a good practive as the're not Domain Admins.
You should create GPO to install the ADCU utility on those Admins machines during reboot so that they have the ADCU utility installed and have them run that ADCU console from their own machine. Giving then access to Remote Desktop to DC is not a good practice and you need to grant them logon through terminal services etc as by default, non Administrator cannot RDP to domain controller.
0
 
salman_sulaiman_2008Author Commented:
Greetings Everyone!
Thanks for the replies! They really do help!
Best wishes,
~salman~
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.