Re: Granting permission to re-add a computer account
From: Joe Richards [MVP] (humorexpress_at_hotmail.com)
Date: 03/14/04
- Next message: Joe Richards [MVP]: "Re: Random Account Lockouts"
- Previous message: Joe Richards [MVP]: "Re: Audit Password Change in AD"
- In reply to: kj2n: "Granting permission to re-add a computer account"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 14 Mar 2004 09:57:06 -0500
I wouldn't recommend deleting and recreating the account. I would instead
recommend resetting the account and having the machine rejoin, this can be
done by simply delegating reset password on the computer objects (more
specifically on the OU with the ace inherited to computer objects).
-- http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) "kj2n" <anonymous@discussions.microsoft.com> wrote in message news:c3dc01c40867$16f5fcd0$a101280a@phx.gbl... > I am trying to grant access to our help desk to have the > ability to add computers to our domain. I have done the > following: > > Delegated Authority at the domain level to the following: > - Create Computer objects > - Delete Computer objects > > They can add new computers to the domain, but can not > remove and then re-add a computer to the domain. Could > this have something to do with resetting the computer > account within AD and not having the appropriate > permissions for that task? What security settings do I > need to allow? > > Thanks.
- Next message: Joe Richards [MVP]: "Re: Random Account Lockouts"
- Previous message: Joe Richards [MVP]: "Re: Audit Password Change in AD"
- In reply to: kj2n: "Granting permission to re-add a computer account"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
