Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 392
  • Last Modified:

Domain administrator with limited Active Directory access

Hello, I want to give a user some access to update entries in Active Directory so they can add and remove addresses in an address book for the company.  Is there a way I can setup an ID so a user can use active directory from a workstation and limit them to what they can access?  I want them to have access to only one OU.
0
tucktech
Asked:
tucktech
3 Solutions
 
Paul MacDonaldDirector, Information SystemsCommented:
There are a few ways to do this, depending on how much access you want to give.  The easiest may be to right-click the OU in question and Delegate Access to a user or group.

http://technet.microsoft.com/en-us/library/cc778807(v=ws.10).aspx

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Implementing-Active-Directory-Delegation-Administration.html
0
 
remmett70Commented:
The workstation the user would need to have RSAT (remote Server administrative Tools) installed.  You can then delegate control of an OU to the user

http://technet.microsoft.com/en-us/library/cc732524.aspx

Also probably want to create them a custom MMC that open in the OU they will manage.
0
 
mcj2006Commented:
right click on the OU in active directory users and computers. Delegate control.

On the workstation install RSAT http://www.microsoft.com/en-us/download/details.aspx?id=7887
0
 
tucktechAuthor Commented:
Yes, this will work, excellent
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now