Solved

How to set up a limited MMC for delegated administration of an OU

Posted on 2008-10-30
4
435 Views
Last Modified: 2012-05-05
Picture the scene .... I have several OUs created for teams in my organisation. I have delegated control of User Account admin to a responsible member of each team. I opened a blank MMC and added the Users and Computers snap-in, and predictably the whole AD is listed.

How can I trim this snap-in so that only a designated OU is shown for any given junior admin.
0
Comment
Question by:AdoBeebo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 31

Assisted Solution

by:Toni Uranjek
Toni Uranjek earned 500 total points
ID: 22840201
Hi AdoBeebo,

Create TaskPad view.

"HOW TO: Create and Edit a Taskpad View in a Saved MMC Console in Windows 2000" it applies to 2003, also
http://support.microsoft.com/kb/321143

or

http://www.winsupersite.com/showcase/win2k_taskpad.asp

HTH

Toni
0
 
LVL 3

Author Comment

by:AdoBeebo
ID: 22840509
HI

I'm able to add the Create User command after creating the Task Pad, but not the other tasks, namely:

Create, delete and manage user accounts
Reset user passwords and force password change at next logon
Read all user information
Modify the membership of a group.

Thanks
0
 
LVL 31

Accepted Solution

by:
Toni Uranjek earned 500 total points
ID: 22840592
Put one user account (or group) in OU to which you have delegated this tasks, and the repeat the process of adding new Task. Most tasks are menu based, so select Menu command on second step and on next windows select appropriate task. Even if you don't create buttons (shortcuts) for all tasks, user will be able to perform them using right click or double click.
0
 
LVL 3

Author Comment

by:AdoBeebo
ID: 23002340
Have had to put this on hold temporarily while we move an office, but will come back to it next week
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question