Article ID: 240267
Article Last Modified on 3/1/2007
APPLIES TO
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
This article was previously published under Q240267
SUMMARY
Windows 2000 now offers the ability to permit specific users or groups granular (very specific) administrative duties such as just resetting passwords, and so on in the domain. While this permits users to have new levels of administrative access, these users are not full administrators.
MORE INFORMATION
Through the use of Organizational Units (OU), policies, and security permissions, Windows 2000 permits administrators to grant others limited administrative powers to specific areas of the directory. However, if a user is a member of the administrators group, there is not a way to limit that users access. Administrators can always take ownership and delegate OU administration to others, as well as manage various other objects, such as users, groups, and OU's.
Keywords: kbinfo KB240267