Archived from groups: microsoft.public.win2000.active_directory (More info?)
I have several DHCP servers running on domain controllers, all in one domain.
If I put a user in "DHCP Administrators", the user can manage all the DHCP
servers that are DCs. Is there a way to restrict access, so that a user can
only manage DHCP on a specific server?
I have been unable to find any documentation as to what rights/permissions
are granted to "DHCP Administrators". I do know that the group is not
assigned any NTFS permissions on the DC. Also, it does not appear to get
any Active Directory rights to the DCs. Microsoft's white paper on best
practices for delegating AD administration does not include any mention of
DHCP administration--because it is not a default part of AD, I suppose.
I have several DHCP servers running on domain controllers, all in one domain.
If I put a user in "DHCP Administrators", the user can manage all the DHCP
servers that are DCs. Is there a way to restrict access, so that a user can
only manage DHCP on a specific server?
I have been unable to find any documentation as to what rights/permissions
are granted to "DHCP Administrators". I do know that the group is not
assigned any NTFS permissions on the DC. Also, it does not appear to get
any Active Directory rights to the DCs. Microsoft's white paper on best
practices for delegating AD administration does not include any mention of
DHCP administration--because it is not a default part of AD, I suppose.
Facebook
Twitter
Instagram