Group Policy vs Security Group to assign rights to an OU 2

[shakamon]

I was wondering if Group policy can be configured somehow to assign rights to an OU vs assigning a security group to assign rights.

If this is a no way, as I think it may be, Could someone explain briefly why? Or post a link differentiating this.

For example, say I have a security group called deskside_dudes, they are members of the acct operators built-in group. I have an OU named CORP. What would be the best way to assign rights to be able to change pw's and add\remove computer account to a domain.

Say I have another OU called CORP2, that I want the deskside dude to administer down the road and have the exact same perms and rights to the OU.

Is there any way besides assigning a security group and doing this via group policy.

"Only the dead fish follow the stream"

 

[monsterjta]

Here's an easy step-by-step resource on setting up delegation:

http://www.windowsecurity.com/articles/Implementing-Active-Directory-Delegation-Administration.html

Hope This Helps,

Good Luck!

 

[58sniper]

I agree. Delegation was intended specifically for this.

A star is being flung at monsterjta

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[shakamon]

Thanks! Make that 2 stars.

"Only the dead fish follow the stream"

 

[monsterjta]

You betcha. That's my Minnesota roots talking there.

Shakamon, you need to click on "Thank <username> for this valuable post" if you intend to submit feedback.

Hope This Helps,

Good Luck!