Delegation Permissions to admins in Active Directory/Taskpads
Posted
by
user1569537
on Server Fault
See other posts from Server Fault
or by user1569537
Published on 2012-11-14T16:11:09Z
Indexed on
2012/11/14
17:04 UTC
Read the original article
Hit count: 239
I am trying to provide taskpads to few admins to operate on few tasks delegated to them at OU level.I ran into the following problem;
lets say i delegated access to the admin on OU X and which is ability to modify groups such as sample group X1 , he must be able to add any users from OU X to the group X1.
The issue here is while testing i found out the admin can do the above but also can add a user Y1 from the OU Y(which he doesnt have delegated permissions) to the group X1.What am i missing? how to restrict admin from adding users out of OU to the groups he has modify access to?
Please ask me if any more details/clarification required.
© Server Fault or respective owner