troubleshooting Question

Active Directory Users and Computers

Avatar of fruitloopy
fruitloopy asked on
Windows Server 2003Active DirectoryMicrosoft Server OS
4 Comments2 Solutions112 ViewsLast Modified:
I have created a group (IT_Admin) to allow them to have the same rights as a domain admin in AD without adding the users to the domain admin group but the permissions are not being inherited.

Using the AD delegate control process (or just adding the IT_Admin group to the security permissions) at the top level domain isnt pushing the permissions down.
I have checked and all the OUs beneath this have the "Include inheritable permissions from this objects parent" ticked.

On checking a child OUs permissions the new group is listed but none of the permission boxes are checked.

I cannot see a way to force the permissions through the child OUs and objects
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 2 Answers and 4 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros