Sign in with
Sign up | Sign in
Closed

Delegate Domain Account Creation Task to Another User in Windows Server 2012

This Tutorial addresses:
  • DNS Server
  • DNS
Task delegation is a feature in Windows Server 2012 operating system which is automatically enabled when the network operating system is promoted to a full-fledged Active Directory domain controller. With the help of the task delegation, the administrators can reduce some of their overheads, and can delegate a few important tasks to some other smart users without promoting them as administrators, or without assigning them any other administrative privileges.

Since the tasks can be delegated to even the non-administrator user accounts, the administrators can remain assured that the domain user accounts to which the tasks have been delegated would not be able to do any harm to the server intentionally or unintentionally.
Also, the delegated user accounts cannot be exploited by any malicious script or anti-virus in order to gain access to the sensitive information or to intrude into the system whatsoever.

Here is how you can delegate the domain account creation task to any other comparatively smart Windows Server 2012 non-administrator domain user:

  1. Log on to the Windows Server 2012 Active Directory domain controller with the Enterprise Admin or Domain Admin account credentials.

  2. If not already started, initialize the Server Manager window from the bottom left corner of the screen.

  3. On the opened Server Manager window, go to Tools menu from the menu bar present at the top right corner.

  4. From the displayed list, click the Active Directory Users and Computers option.



  5. On the opened Active Directory Users and Computers snap-in, from the left pane, locate the target Organizational Unit (OU), the user account creation tasks of which you want to delegate to another user.

  6. Once located, right-click the OU, and from the displayed context menu, click Delegate Control.



  7. On the opened Delegation of Control Wizard welcome screen, click Next.

  8. On the Users or Groups window, click the Add button.

  9. On the opened Select Users, Computers, or Groups box, in the Enter the object name to select field, type the name of the user or group to which you want to delegate the domain account creation task and click the Check Names button to check the accuracy of the typed name.



  10. Once done, click OK to add the user or group to the Selected users or groups field.



  11. Click Next when done.

  12. On the Tasks to Delegate window, ensure that the Delegate the following common tasks radio button is selected.

  13. From the displayed list, check the Create, delete, and manage user accounts checkbox.



  14. Click OK to proceed to the next step.

  15. On the final window, click Finish to complete the task delegation process.


    Can't find your answer ? Ask !