GPO Management Delegation
- From: sevensixtwo187 <sevensixtwo187@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 6 Oct 2008 14:15:30 -0700
Hello,
I have what I consider an interesting and frustrating problem. I have
attempted to grant some non domain admin users that are OU admins the ability
to create and link GPOs in the OU they administer. I have followed the
procedure outlined by Microsoft. I.E. I have added the Security Group they
belong to to the "Group Policy Creator/Owners group" I have also added them
to the delegation tab for Group Policy object creation in our domain and I
have granted them the right to link GPOs in GPMC. When you right click on
the OU they administer and attempt to Create & Link a new GPO, it is not
grayed out and it will ask for the name of the new GPO. But, once you name it
and click "OK", it will then give an "Access Denied" error. If this is
attempted on any other OU, the GPO actions are grayed out. I have
reasearched and double checked everything but it does not work and I cannot
find anything that sticks out as being wrong. It is almost as if the
permissions are "halfway" in place. Any thoughts, ideas or suggestions would
be greatly appreciated.
Thank you!
.
- Follow-Ups:
- Re: GPO Management Delegation
- From: Meinolf Weber
- Re: GPO Management Delegation
- From: Marcin
- Re: GPO Management Delegation
- Prev by Date: RE: Rename 2008-level domain with Exchange 2007 present
- Next by Date: Re: build now, join later
- Previous by thread: build now, join later
- Next by thread: Re: GPO Management Delegation
- Index(es):
Relevant Pages
|
Loading
