Mid-Western Regional Council
asked on
Domain Admin AD access
Hi Guys,
We need to lock down AD from a few domain admins as they need very high access but keep changing things they shouldn't.
Would the best option be to not allow write access on AD for the domain admins group and then add everyone that should have that power to the enterprise admins group?
Thanks.
We need to lock down AD from a few domain admins as they need very high access but keep changing things they shouldn't.
Would the best option be to not allow write access on AD for the domain admins group and then add everyone that should have that power to the enterprise admins group?
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Cheers