Start Free TrialLog in
Avatar of Simon336697
Simon336697Flag for Australia

asked on 

Restrict who can add users to the group Domain Admins

Hi Guys,

In the domain admins group, we have the following situation:

-----------------------------------------------------
<Individual user accounts>
<Group accounts>

So, for example,

----------------------------------------------------- domain admins group
Bob
Sue
Steve
Server Admins group


What I want to be able to do is to restrict who can add or delete members of the domain Admins group.

So, for example, is there a way to stop current members of the domain admins group from adding or deleting members of the domain admins group?

What is the best way to do this?

Thanks everyone.
Active Directory
Avatar of undefined
Last Comment
Simon336697
SOLUTION
Avatar of motnahp00
motnahp00
Flag of United States of America image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of motnahp00
motnahp00
Flag of United States of America image
If you do not trust somebody then delegate permissions accordingly for a domain user.
Avatar of Simon336697
Simon336697
Flag of Australia image

ASKER

So, you delegate this permission to add or remove a user and or group from the domain admins group to a user?
ASKER CERTIFIED SOLUTION
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
SOLUTION
Avatar of Prashant Girennavar
Prashant Girennavar
Flag of India image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of Simon336697
Simon336697
Flag of Australia image

ASKER

Thanks for that guys
Active Directory
Active Directory

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

86K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent