Differences

This shows you the differences between two versions of the page.

@@ Line 1: / Line 1: @@
+====== Delegate user to join computers to AD ======
+Delegate rights using Active Directory Users and Computers:
+  - Open the **Active Directory Users and Computers** snap-in.
+  - Right-click the container under which you want the computers added, and press **Delegate Control**.
+  - Press **Next**.
+  - Press **Add**.
+  - After adding all the users and/or groups, press **Next**.
+  - Select **Create custom task to delegate** and press **Next**.
+  - Select **Only the following objects in the folder**, check **Computer objects**, check the **Create selected objects in this folder** box, and press **Next**.
+  - Check the **Create all child object** box and press **Next**.
+  - Press **Finish**.
+  - Click **Start**, click **Run**, type **dsa.msc**, and then click **OK**.
+  - In the task pane, expand the domain node.
+  - Locate and right-click the OU that you want to modify, and then click **Delegate Control**.
+  - In the Delegation of Control Wizard, click **Next**.
+  - Click Add to add a specific user or a specific group to the **Selected users and groups** list, and then click **Next**.
+  - In the **Tasks to Delegate** page, click **Create a custom task to delegate**, and then click **Next**.
+  - Click Only the following objects in the folder, and then from the list, click to select the Computer objects check box. Then, select the check boxes below the list, **Create selected objects in this folder** and **Delete selected objects in this folder**.
+  - Click **Next**.
+  - In the **Permissions** list, click to select the following check boxes:
+      - **Reset Password**
+      - **Read and write Account Restrictions**
+      - **Validated write to DNS host name**
+      - **Validated write to service principal name**
+  - Click **Next**, and then click **Finish**.
+  - Close the “Active Directory Users and Computers” MMC snap-in