• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1709
  • Last Modified:

Give permission to someone to create GPO?

Hi Experts,

I have an AD on server 2003. I created a 'Tech Admins' security group and added a person named 'Moon' to this group. I'd like give this group permission to create GPO only for 'Tech' OU. How do I do that?

Here is my domain structure from 'group policy management' console:
Group Policy Management
Forest: mycompany.org
  Domains
    mycompany.org
      IT
        Field
          Tech

Thanks.
0
SJCA
Asked:
SJCA
  • 2
  • 2
2 Solutions
 
hydrokidCommented:
Download the group policy management console from microsoft. (GPMC)
Open GPMC -> Click the OU you want to delegate -> On the result pane on the right, select the Delegation tab -> Click add to add the user or group you want to delegate permission to
0
 
SJCAAuthor Commented:
I clicked the 'Delegation' tab and then click 'Add' to add 'Tech Admins' group . It went fine but when the user 'Moon' log in and right click on 'Tech' OU, he still see the 'Create and Link a GPO Here...' greyed out, but everything else is fine. Any ideas?
0
 
woolnoirCommented:
is the user a member of the Group Policy Creator Owners group ? if not, add then in addition to the delegation and that should work.
0
 
woolnoirCommented:
the same applies, to if its a GROUP you want to add obviously.
0
 
SJCAAuthor Commented:
Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now