If you want allow control of certain administration tasks to specific administrator or group in certain location or OU. Say you want enables Joe the Plummer to reset Pluming department’s passwords and add/remove plumbers. You can use the delegation wizard to enable Joe The Plummer rights needed to perform this task.
To do this follows these steps:
1. Click Start and point to Administrative Tools.
2. Click on Active Directory Users and Computers.
3. In Active Directory Users & Computers, select and right click the OU to delegate its control.
4. Choose Delegate Control. This will start up Delegation Wizard. Click Next
5. Click Add and find correct user or group to delegate controls. (Type first few letters of the user or group and click ‘Check Name’, correct name should be underlined in the object name panel). Click Ok.
6. Once you select correct user or group click next.
7. Choose permission from the list for the selected user/group. For example “Create, Delete, management accounts” and “reset user passwords and force password change at next login”. Click next.
8. Click next and finish.Publisher: abdirahman isse