bob_kochanski
asked on
How do I delegate domain users to change passwords and join computers to domain?
I am not sure exactly what I am doing wrong here, however, I have ran the AD Delegation Wizard and added a Global Security group at the root of our Domain so that some of my users can change passwords and join computers to the domain. I have not changed any settings in our Default Group Policy and when the users try and join the machines to the Domain they are getting "Access Is Denied"
If anyone can point me in the right direction here it would be greatly appreciated.
If anyone can point me in the right direction here it would be greatly appreciated.
Depening on the process of your user use to join computer to a domain. If you don't create the computer account first in the appropriate OU, then the computer account will be created in the "Computers" container which by default user do not have right to create any object there.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks much, worked perfectly.