No announcement yet.

Domain Admin with limited Access

  • Filter
  • Time
  • Show
Clear All
new posts

  • Domain Admin with limited Access

    I have searched and tested this several ways, and I am not sure what I am missing...

    I have been trying to create an AD Group that is called Domain Techs, and within this group is going to be an Intern within our company. We only want this person to have the ability to Join or Disjoin computers to the domain, Unlock "Locked" accounts, and a few other minor things. I have located the Create and Delete All Child Objects, but I am still unable to locate the area I need to enable to unlock a locked account. I have tested several things, and logged the test admin out each time before testing.

    Our environment is 2003 Domain/Forest.
    Domain Controller is located at my site.

    Any ideas or hints on where to go would be appreciated.


  • #2
    Re: Domain Admin with limited Access

    Check this out
    VCP on vSphere (4), MCITP:EA/DBA, MCTS:Blahblah


    • #3
      Re: Domain Admin with limited Access

      You have to create OU's (if not exist) then delegate roles to "Domain Tech" such as:
      Create/Delete Computer Accounts
      Unlock Lock Accounts

      Hope it helps


      • #4
        Re: Domain Admin with limited Access

        Creation of an OU special for that is not needed, all you need is to delegate the user on the OU which you want him to be able to make the changes.