----------------------------------------------------------- Attention: Non-Delivery Report -----------------------------------------------------------
This report is generated by the email server at: ivytech.edu The message with subject: "RE: [ActiveDir] Delegation of privilege" and attached to this report was not delivered to the following recipients: Address: [EMAIL PROTECTED] Reason: 554 5.5.2 No valid recipients (554) --------------
--- Begin Message ---You have answered your own question.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of TIROA YANN
Sent: Monday, July 18, 2005 1:39 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Delegation of privilegeHello AD Gurus :)I would like to give to one of my user "server operator" privilege on only one DC, and not the whole DCs of my AD 2003.I know that DCs do not have sam locally, and the only way to give this privilege is to use the Built-in Groups in the Built-in Container. But doing this allow my user to be server op for all DCs in my domain.The purpose of my question is;=> to give one user the privilege to fully manage *only one* DC with "server operator" privilege, without having the right to use MMCs such as ADUC, Schema, dssite, replmon, repadmin commands.Is this possible ?Thanks for input.Cheers,Yann
--- End Message ---