Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1571
  • Last Modified:

Give permission to someone to create GPO?

Hi Experts,

I have an AD on server 2003. I created a 'Tech Admins' security group and added a person named 'Moon' to this group. I'd like give this group permission to create GPO only for 'Tech' OU. How do I do that?

Here is my domain structure from 'group policy management' console:
Group Policy Management
Forest: mycompany.org
  Domains
    mycompany.org
      IT
        Field
          Tech

Thanks.
0
SJCA
Asked:
SJCA
  • 2
  • 2
2 Solutions
 
hydrokidCommented:
Download the group policy management console from microsoft. (GPMC)
Open GPMC -> Click the OU you want to delegate -> On the result pane on the right, select the Delegation tab -> Click add to add the user or group you want to delegate permission to
0
 
SJCAAuthor Commented:
I clicked the 'Delegation' tab and then click 'Add' to add 'Tech Admins' group . It went fine but when the user 'Moon' log in and right click on 'Tech' OU, he still see the 'Create and Link a GPO Here...' greyed out, but everything else is fine. Any ideas?
0
 
woolnoirCommented:
is the user a member of the Group Policy Creator Owners group ? if not, add then in addition to the delegation and that should work.
0
 
woolnoirCommented:
the same applies, to if its a GROUP you want to add obviously.
0
 
SJCAAuthor Commented:
Thanks!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now