Security Basics mailing list archives
RE: local admin/ domain admin
From: "Smith, Ryan" <rsmith () cff org>
Date: Tue, 6 Mar 2007 17:05:34 -0500
Hi Sohail, Based off the brief description of what you are trying to accomplish, you can do this via Delegation. Basically create a group and stuff all of your helpdesk personal into that group then delegate the OU that has all of your users and/or machine accounts to the group that you created for your helpdesk. For a more detailed answer take look at the following link: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technolog ies/directory/activedirectory/stepbystep/ctrlwiz.mspx HTH, Ryan -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Sohail Sarwar Sent: Tuesday, March 06, 2007 1:33 PM To: WALI; security-basics () securityfocus com Subject: local admin/ domain admin Hi Guys, I want to create an administrator account on the domain for my helpdesk persons. I basically want them to only add machines to the domain, and add user accounts for new employees with the option to change their passwords. Basically, I want do not want to give them the administrators password.. and control what be done potentially and accidentally... Can some one assist and let me know how I can do that? Or provide me the procedures. Any guidance would be great! Regards, Sohail
Current thread:
- local admin/ domain admin Sohail Sarwar (Mar 06)
- RE: local admin/ domain admin Quigley, Joe (Mar 07)
- RE: local admin/ domain admin Smith, Ryan (Mar 07)
- RE: local admin/ domain admin Scott Ramsdell (Mar 07)
- Re: local admin/ domain admin shaheedpak (Mar 07)
- RE: local admin/ domain admin Herb Martin (Mar 07)