<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
I am starting to understand the delegation wizard in AD 2008 so thats fine but what I need help with is what would be the best practice to do the following:<br />
<br />
Allow a security group to remote desktop to a Win2008 server that has access to AD but will only show specific Organisational Units, then lock down the server so this is all that the users can do.<br />
<br />
E.g. remote connect to server1, then have AD/MMC load up that shows 2 OUs instead of the whole AD structure.<br />
<br />
Any advice would be great as I am unsure where to start with this.<br />
<br />
Thanks!
</div>
</div>


Hi,

I am starting to understand the delegation wizard in AD 2008 so thats fine but what I need help with is what would be the best practice to do the following:

Allow a security group to remote desktop to a Win2008 server that has access to AD but will only show specific Organisational Units, then lock down the server so this is all that the users can do.

E.g. remote connect to server1, then have AD/MMC load up that shows 2 OUs instead of the whole AD structure.

Any advice would be great as I am unsure where to start with this.

Thanks!

Active Directory Lockdown to specific OUs via remote desktop?

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.