Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Restricting privledges on AD for  a user.

Posted on 2011-03-06
5
341 Views
Last Modified: 2012-05-11
Hi

We use windows 2003 server AD . I have a staff who has  joined our  support department  and i want to give him access to AD. He should have limited access to AD permissions only change user passwords.He should nor be allowed to create users delete users or delete any objects in the AD.

How to i configure this any tutorials will be helpful.

Thanks
0
Comment
Question by:lianne143
  • 2
  • 2
5 Comments
 

Author Comment

by:lianne143
ID: 35046069
He will be accessing AD from  XP PCs  around the network . Do i need to install Admin Tools on all the  PC in the network to access AD
0
 
LVL 17

Accepted Solution

by:
Premkumar Yogeswaran earned 334 total points
ID: 35046437
Yes.. u need to install Admin pak..

Create group in AD and give delegated permission to that group and add the user to that group..

Regards,
Prem
0
 
LVL 17

Assisted Solution

by:Premkumar Yogeswaran
Premkumar Yogeswaran earned 334 total points
ID: 35046445
0
 
LVL 6

Assisted Solution

by:dave_it
dave_it earned 166 total points
ID: 35061512
You'll only need to install the Adminpak on the PC which the user will logon to.  But I wouldn't do that until after you've run the Delegation of Control wizard in AD and given the user the permissions you want.
0
 

Author Closing Comment

by:lianne143
ID: 35194059
sorted
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question