Re: Delegation Rights
From: Brian Cook (anonymous_at_discussions.microsoft.com)
Date: 02/24/04
- Next message: Jodie: "blocking some common TCP/UDP ports"
- Previous message: Kent Smith: "Re: Firewall overkill"
- In reply to: Steven L Umbach: "Re: Delegation Rights"
- Next in thread: Steven L Umbach: "Re: Delegation Rights"
- Reply: Steven L Umbach: "Re: Delegation Rights"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 24 Feb 2004 12:02:16 -0800
I have found the article on the unlock user account
however I have not found delegation procedures for the
others. Has anyone seen or is there a list of different
delegation tasks that are custom.
Thanks
Brian Cook
>-----Original Message-----
>At the appropriate container, select properties and then
delegate control. For each
>domain you will have to create a local group to add to
the delegation. Then you will
>need to create global groups for each domain and add the
members from each domain and
>then add each global group to the local group for each
domain [assuming that is what
>you want]. If you are in native mode you could possibly
use a universal group
>instead, though adding individual users to universal
groups is not best practice
>because of the way universal groups are handled with the
global catalog server and
>replication.
>
>The delegation wizard will give you general options. If
the general options are not
>what you need, you will have to select custom task and
select computer and/or user
>objects and choose permissions you want to apply to those
objects. The unlock account
>is an example of a custom task and is described in the KB
link below. --- Steve
>
>http://support.microsoft.com/default.aspx?scid=kb;EN-
US;q294952
>
>"Brian Cook" <anonymous@discussions.microsoft.com> wrote
in message
>news:14a4e01c3fa51$10df9910$a301280a@phx.gbl...
>> I need to have a group that members of the group can do
>> the following:
>> Reset account passwords
>> unlock accounts
>> join/remove computers from a domain
>>
>> part 2 is how do I set this up when I have 2 domains in
my
>> forest and I want to use the same group.
>
>
>.
>
- Next message: Jodie: "blocking some common TCP/UDP ports"
- Previous message: Kent Smith: "Re: Firewall overkill"
- In reply to: Steven L Umbach: "Re: Delegation Rights"
- Next in thread: Steven L Umbach: "Re: Delegation Rights"
- Reply: Steven L Umbach: "Re: Delegation Rights"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
