1. Create a group like "computer admins"
2. Then open Active Directory Users & Computers MMC snap-in right click on OU where you want them to give rights, if you want give them rights over whole domain then right click on domain name, select delegate control option.
3. In the resulting wizard select the group you created earlier "computer admins" click next then click Create a Custom Task to delegate then click next.
4. Then select "only the following objects in the folder" then tick "computer objects" from list and also tick the two boxes at the bottom. "create selected object in folder" and "delete selected object in folder" click next.
5. On the next screen select "Full control" from the list then click next
6. Next screen will show you summary of delegation then click finish.
Once done, add one of the users into "computer admins" group and try to carry out various task you want.
No comments:
Post a Comment