Re: changing the ACLs on the builtin objects
- From: Meinolf Weber [MVP-DS] <meiweb(nospam)@gmx.de>
- Date: Sat, 4 Jul 2009 18:28:18 +0000 (UTC)
Hello user,
To add members to the local administrators use restricted groups with a GPO, easy and effective way.
http://www.frickelsoft.net/blog/?p=13
Let not domain users decide that. If you talk about helpdesk people use delegate control on the OU where they should be able to work. see also this one about some options:
http://blogs.dirteam.com/blogs/jorge/archive/2006/01/05/369.aspx
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Is there any way of changing the ACLs on the builtin objects? (e.g. to
grant a domain group the permission to add users to the builtin
administrators group on a workstation). (Other than SubinACL, cause
that doesn't work.)
.
- References:
- changing the ACLs on the builtin objects
- From: user
- changing the ACLs on the builtin objects
- Prev by Date: changing the ACLs on the builtin objects
- Next by Date: Re: AD upgrade - what changes?
- Previous by thread: changing the ACLs on the builtin objects
- Next by thread: Re: changing the ACLs on the builtin objects
- Index(es):
Relevant Pages
|
