- Find Out More About:
- 20ft Shipping Containers Price
Delegating Administrative Control of Active Directory Objects
by
Kayla
To ensure that specific administrators receive the appropriate permissions for an object, you must delegate the administration of the object. In this lesson, you learn how to use the Delegation Of Control Wizard to delegate administrative control of domains, OUs, and containers.
After this lesson, you will be able to:
Delegate administrative control of domains, OUs, and containers Estimated lesson time: 10 minutes
Delegating Administrative Control
You delegate administrative control of domains, OUs, and containers in order to provide other administrators, groups, or users with the ability to manage functions according to their needs. In small organizations, a few administrators might be responsible for managing Active Directory objects. However, larger organizations might require many more administrators, requiring administrators to manage specific domains, OUs, or containers or even specific objects within OUs or containers. To ensure that administrators receive the appropriate permissions, you must delegate the administration of the domain, OU, or container. The Delegation Of Control Wizard is provided to auto¬mate and simplify the process of setting administrative permissions for a domain or an OU. Once you’ve used the Delegation Of Control Wizard to set up permissions, you can view or modify permissions for an object by viewing or modifying the access con¬trol entries (ACEs) in the object’s ACL.
When you delegate administrative control to users, you must ensure that the users take responsibility and can be held accountable. Provide training of
free practice IT questions
for users who have con¬trol of objects. If the users to whom you delegate responsibility are not performing the administrative tasks, you need to assume responsibility for their failure.
By default, all child objects in an OU inherit the permissions set on the OU.
Tip Make sure you know the difference between access control and delegating administrative control.
1.Log on to Server2 using the domain administrator user name and password.Demote Server2 to Member Server using Dcpromo and the DemoteContoso.txt
answer file. The answer file is located on the Supplemental CD-ROM in the 70-294LabsChapter09 folder.
2.Log on to Serverl using the domain administrator user name and password.
3. Open Active Directory Users And Computers. Click on the Computers container. You should see SERVER2 in the right windowpane.
4.Select and right-click the SERVER2 icon and click Reset Account. When prompted about resetting the computer account, click Yes, and then click OK.
5.Go to Server Try to log on to the domain using the contoso.com domain administrator user name and password. You should see the folio-wing error message: “Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later. If this message continues to appear, contact your system administrator for assistance.”
Microsoft Windows Server strength in market these days shows the demand of related
IT certification
expertise and it clearly shows demands for years to come.
MCSE
70-299 Exam
is necessary for both business owners and employees. If you are hiring manager, team member then you should have good related knowledge. MCSE credential is a proof to show your ability to analyze the business needs for information system solutions along with designing and implementing infrastructure based on Windows Server 2003.
As we know well that Microsoft is one of the leading vendor in both system software and applications software. After becoming certified by
MCSE Certification
,you may stands out with employers with your credential proof to get job in IT industry worldwide.
Article Source:
ArticleRich.com