asked on

Non IT Client wants to be able to Configure New Users in Windows 2008 Active Directory

I have a client who wants to be able to set up new users in their Windows 2008 Active Directory.

I could install the RSAT tools on their PC, but I think it's going to be too crowded and complicated for them.

Is it possible to set up a customised MMC where a user can only see the OU that they are allowed administer?

Or alternatively are there any free tools out there with a "Keep it stupid simple" user interface for Active Directory User administration?

Thanks,
Fin

Will Szymkowski

Unfortunately when you assign delegated permissions on an OU the users still see the entire strucutre. The parts that they dont see are the Tabs in the properties of an objects. Make sure that Advanced Features is disabled/unchecked as this will show more folders (system folders) in the hierarchy.

Hope this helps

ASKER CERTIFIED SOLUTION

Mike Kline

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

Sandesh Dubey

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Member_2_4371340

ASKER

mkline71's answer was what I was looking for, but I'd also like to thank Sandeshdubey for giving me an alternative way of doing this.

Sandeshdubey - To answer your earlier question (Why are you trying to disable the view of OU?). Non-IT users find the Active Directory Users and Computer's to be confusing and too much information. If they click on an MMC and can only see a single OU, this simplifies the user creation process and saves on helpdesk calls.

Mike Kline

Glad to help, have a great weekend.

Thanks

Mike