<div>
You can follow the steps in this link to allow them to add the computers to the doamin. I would recommend creating a secuirty group and adding the group to the GPO. &nbsp;Then add all your help desk users to that group.<br />
<br />
<a href="http://www.windowsitpro.com/article/domains2/jsi-tip-8144-how-can-i-allow-an-ordinary-user-to-add-a-computer-to-a-domain-.aspx" rel="ugc">http://www.windowsitpro.com/article/domains2/jsi-tip-8144-how-can-i-allow-an-ordinary-user-to-add-a-computer-to-a-domain-.aspx</a>
</div>


You can follow the steps in this link to allow them to add the computers to the doamin. I would recommend creating a secuirty group and adding the group to the GPO.  Then add all your help desk users to that group.

http://www.windowsitpro.com/article/domains2/jsi-tip-8144-how-can-i-allow-an-ordinary-user-to-add-a-computer-to-a-domain-.aspx [http://www.windowsitpro.com/article/domains2/jsi-tip-8144-how-can-i-allow-an-ordinary-user-to-add-a-computer-to-a-domain-.aspx]

<div>
The newer inf file does add a lot of rights from the default but I did not see anythingi in there about moving a computer object. The miicrosoft article seems to cover moving and removing but not adding. <br />
<br />
Do you know if chaniging the inf file does anything to rights already delegated using the old inf file?
</div>


The newer inf file does add a lot of rights from the default but I did not see anythingi in there about moving a computer object. The miicrosoft article seems to cover moving and removing but not adding.

Do you know if chaniging the inf file does anything to rights already delegated using the old inf file?

<div>
<div class="content wysiwyg-content">
I am trying to come up with a way to allow Help Desk staff to Add/Remove/Move Computer objects in AD.By move I mean move from one OU to another. I was looking at the Delegation Wizard in ADUC but could not figure it out. I want just these rights and nothing else so if I add a Help Desk member to a group I delegated rights to, that is all they can do. 
</div>
</div>


I am trying to come up with a way to allow Help Desk staff to Add/Remove/Move Computer objects in AD.By move I mean move from one OU to another. I was looking at the Delegation Wizard in ADUC but could not figure it out. I want just these rights and nothing else so if I add a Help Desk member to a group I delegated rights to, that is all they can do. 

Need to grant specific rights to computer objects in AD

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.