• Home
• About
• Advertise
• Contact
• Search

Using restricted groups in Active Directory

by Mats Hellman on 21.Oct, 2009 under Active Directory, Group Policy, Windows

Using restricted groups is something very simple and still for many very confusing. Using restricted groups you can delegate administration or other roles to certain groups without giving these groups administrative rights to your Active Directory.

As an example, let’s say you have a helpdesk working in your company. For them to work as efficiently as possible they might need to login as Administrators to a client computer to fix various problems. Sometimes (read most times) you don’t want your helpdesk having Domain level Administrative rights because they might, even unknowingly, mess something up in your production domain. To deal with this we use Restricted groups. Restricted groups are provided by Active Directory group policies, they provide us a way to centrally drop in certain Active directory groups to computers local groups, yes computer local groups. They don’t have to administrative groups, they might be anything from backup users to Power Users.

(more…)

6 comments

Advertising

Recent Posts

• Configuration Manager 2012 installation trouble
• Install Software Updates hang on Downloading update
• SCCM 2007 management point fails to install
• Setting up Windows Server DHCP for SCCM2007
• The tale of the broken hard drive

Archives

January 2012

December 2011

July 2011

May 2011

April 2011

March 2011

February 2011

January 2011

December 2010

November 2010

September 2010

May 2010

Login

Register

Log in

Browse by tags

Acrobat Active Directory Apache Apple ASP.NET CentOS Defragmentation Drivers Free Software Group policy Install iPad Linux Microsoft MSI OSX Redhat SCCM Security Service Pack 3 SSL VPN SSTP VPN Virtual PC VPN Windows 7 Windows Deployment Services Windows Server Windows Vista Windows XP WinPE

Ads

Ads