Right now I'm running a winodws 2000 domain. I want to give my four help desk users the ability to do the following ONLY
-Able to add / remove a pc to the domain.
-reset user's password. but cannot reset domain admin or service account password
-is a member of the local admin's group on all workstation and not on servers!!!!!!!!!
For the first two you can use the delegation control wizard and give those rights to the help desk group (place the users in a group) -- see screen shot
For the admin group task I's use restricted groups.
Managing Active Directory can get complicated. Often, the native tools for managing AD are just not up to the task. The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource.
Use Google, Bing, or other preferred search engine to locate trusted NTP …