Eureka Moment Wiki

One eureka moment at the time

User Tools

Site Tools


windows:ad:delegate_join_user

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
windows:ad:delegate_join_user [2017/08/10 13:00]
127.0.0.1 external edit
windows:ad:delegate_join_user [2017/08/17 14:52] (current)
tplecko
Line 10: Line 10:
   - Check the **Create all child object** box and press **Next**.   - Check the **Create all child object** box and press **Next**.
   - Press **Finish**.   - Press **Finish**.
 +
 +
 +
 +  - Click **Start**, click **Run**, type **dsa.msc**,​ and then click **OK**.
 +  - In the task pane, expand the domain node.
 +  - Locate and right-click the OU that you want to modify, and then click **Delegate Control**.
 +  - In the Delegation of Control Wizard, click **Next**.
 +  - Click Add to add a specific user or a specific group to the **Selected users and groups** list, and then click **Next**.
 +  - In the **Tasks to Delegate** page, click **Create a custom task to delegate**, and then click **Next**.
 +  - Click Only the following objects in the folder, and then from the list, click to select the Computer objects check box. Then, select the check boxes below the list, **Create selected objects in this folder** and **Delete selected objects in this folder**.
 +  - Click **Next**.
 +  - In the **Permissions** list, click to select the following check boxes:
 +      - **Reset Password**
 +      - **Read and write Account Restrictions**
 +      - **Validated write to DNS host name**
 +      - **Validated write to service principal name**
 +  - Click **Next**, and then click **Finish**.
 +  - Close the “Active Directory Users and Computers” MMC snap-in
 +
windows/ad/delegate_join_user.txt · Last modified: 2017/08/17 14:52 by tplecko