Solved

Grant a single user access to edit a Global Security group?

Posted on 2014-03-18
2
2,357 Views
Last Modified: 2014-03-19
Really easy question;

In AD, how can I grant a single user access to add/remove members a Global Security group? I have two groups that I want to allow him to edit.

Thanks
0
Comment
Question by:GCTTechs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
piattnd earned 500 total points
ID: 39938420
You'll need to allow them access to the group itself.  You can do it with a single user making them the "manager" of the group and checking the box that says managers can update the member list. (under the Managed By tab).

Additionally, you can explicitly give permissions to multiple users in the Security tab on the group object.  Add the user and give only the "Read Member Property" and "Write Member Property".  (Verbiage of the option may be slightly different depending on your domain level).
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39938444
Hi,

Create a OU move that user to new OU and run the control delegation wizard. Select "Modify the Membership of Group" permission.
  http://www.howtogeek.com/50166/using-the-delegation-of-control-wizard-to-assign-permissions-in-server-2008/
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question