Stop domain admins from changing group memberships?
Posted on 2008-11-10
In my domain, any employee who is a member of the Domain Admins group can go into their Outlook, which is connected to Exchange, and change the memberships of e-mail distribution groups. One of my users was e-mailing the "sales" distribtuion group, and then wanted to add more people to send to, and did it wrong. He accidently added members to the sales group, and then somebody got an e-mail they shouldn't have and stole somebody elses commission. How do I prevent this from happening without removing people from the Domain Admins group?