Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > AD Group Policy
Ask the community Add a reply
Word :    Username :           
 
johnlax38   04-07-2009 at 05:54:37 PM

Greetings all.

I am currently staffing my help desk. We have three support Tier 1 reps and two Tier 3 Reps. I will be bringing on more Tier 1 reps and Tier 2 reps.

In the future I should have:

5 Tier 1 Reps
2 Tier 2 Reps
2 Tier 3 Reps

I will be delegating some AD control to the Tier 2 Reps to assist with general AD maintenance and support, specifically changing domain user accounts.

My question is in regard to Group Policies. Currently right now I have service accounts and user accounts in the same OU in AD.

What I plan to do is create the following OUs:

Service Accounts
Management
Users

What I want to implement is to give the Tier2 reps access to change passwords for the Users OU only. Tier2 reps should not have access to Management and Service Account OUs. So if you could give me some tips on where to begin I would be very greatful. I don't mind doing research :) I just need a starting point.

I have a test domain that I can run tests against before rolling this out into production.

Thank you for any assistance.

Add a reply
Sponsored Links
Register or log in to remove.
Ask the community Add a reply
Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > AD Group Policy
Go to:

There are 1114 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.318 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them