Archived from groups: microsoft.public.win2000.active_directory (
More info?)
Hi there.
The user interface for joining a PC to the domain from the client does not
allow you to enter an OU, so things always go to the Computers container.
There are two ways around this. The first is for an admin to create the
computer accounts (using dsa.msc). The second is to use the netdom.exe
utility (which can be found in the Support Tools folder on your Windows CD).
This has command-line parameters to allow you to specify an OU as an LDAP
path.
Hope that made sense.
Regards
Oli
"jw" <jw@discussions.microsoft.com> wrote in message
news:66C77D3E-8820-4B26-B207-E8D8D6E31EFE@microsoft.com...
> Can you elaborate on the difference between delegate control and user
> rights?
>
> I would like to have a group that can add machines to the domain from the
> workstations and have them go into a specific ou container that they are
> in
> not the default computer container.
> I have the group set up and the delegate control seems correct but can't
> get
> the container thing fugured out. It always goes to the default container
> even
> though the group only has security set up on a specific ou container.
>
> "Oli Restorick [MVP]" wrote:
>
>> Which container did you delegate access for? Machines are, by default,
>> added to the Computers container.
>>
>> I'd also recommend using a group for the purpose of delegation.
>>
>> It sounds like you're already aware that the right to "Add workstations
>> to
>> the domain" in user rights assignment is different from delegated control
>> to
>> add or delete computer accounts to or from a container.
>>
>> Oli
>>
>>
>>
>> "Greg" <Greg@discussions.microsoft.com> wrote in message
>> news:0F8042EB-4E44-4005-B209-6EE19EF7B914@microsoft.com...
>> > Hello,
>> >
>> > I used the "delegate Control" Wizard, picked an account, selected "Join
>> > a
>> > computer to domain" and finished. Problem is that I cant add computers
>> > to
>> > the
>> > domain with that account?
>> >
>> > Is there a better way to do this?
>> >
>> > thanks
>>
>>
>>