Eureka Moment Wiki

One eureka moment at the time

User Tools

Site Tools



This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
windows:ad:delegate_join_user [2017/08/10 13:00] external edit
windows:ad:delegate_join_user [2017/08/17 14:52] (current)
Line 10: Line 10:
   - Check the **Create all child object** box and press **Next**.   - Check the **Create all child object** box and press **Next**.
   - Press **Finish**.   - Press **Finish**.
 +  - Click **Start**, click **Run**, type **dsa.msc**,​ and then click **OK**.
 +  - In the task pane, expand the domain node.
 +  - Locate and right-click the OU that you want to modify, and then click **Delegate Control**.
 +  - In the Delegation of Control Wizard, click **Next**.
 +  - Click Add to add a specific user or a specific group to the **Selected users and groups** list, and then click **Next**.
 +  - In the **Tasks to Delegate** page, click **Create a custom task to delegate**, and then click **Next**.
 +  - Click Only the following objects in the folder, and then from the list, click to select the Computer objects check box. Then, select the check boxes below the list, **Create selected objects in this folder** and **Delete selected objects in this folder**.
 +  - Click **Next**.
 +  - In the **Permissions** list, click to select the following check boxes:
 +      - **Reset Password**
 +      - **Read and write Account Restrictions**
 +      - **Validated write to DNS host name**
 +      - **Validated write to service principal name**
 +  - Click **Next**, and then click **Finish**.
 +  - Close the “Active Directory Users and Computers” MMC snap-in
windows/ad/delegate_join_user.txt · Last modified: 2017/08/17 14:52 by tplecko