<div>
Thanks for this, it looks like it is more or less what we need. Would this allow the members of that group to pre-stage computer accounts in that OU?
</div>


Thanks for this, it looks like it is more or less what we need. Would this allow the members of that group to pre-stage computer accounts in that OU?

<div>
Yes once you grant the group permissions they will be able to perform any and all actions you grant the SG on that OU.
</div>


Yes once you grant the group permissions they will be able to perform any and all actions you grant the SG on that OU.

<div>
<div class="content wysiwyg-content">
Hello,<br />
<br />
We have departmental technicians that need to be able to pre-stage and &nbsp;join machines in particular OUs but not be able to create users. At the moment we just make them members account operators, but this gives them access to create both users and machines, and in any OU. Maybe if we could create separate groups that are similar to the Account Operators, but can only create/join machines to designated OUs? Or by using delegated rights, but really not sure what boxes to tick on that one.<br />
<br />
Cheers!
</div>
</div>


Hello,

We have departmental technicians that need to be able to pre-stage and  join machines in particular OUs but not be able to create users. At the moment we just make them members account operators, but this gives them access to create both users and machines, and in any OU. Maybe if we could create separate groups that are similar to the Account Operators, but can only create/join machines to designated OUs? Or by using delegated rights, but really not sure what boxes to tick on that one.

Cheers!

2008R2 Active Directory - Delegate rights to users to join machines to AD but not users

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.