Score:-1

I need to create a group of pseudo admins in AD to manage users at a remote location, but I'm not sure how this should be done


My company is migrating/consolidating domains with several remote businesses we have purchased, and one of our remote sites has a pre-existing IT department that we want to keep in place. We would like to give the pre-existing department access to manage their users, groups, and PCs without giving them access to anything else in our network. Has anyone dealt with this before, and if so, how did you set this up?

Edit: I want to specify that this new company will be on the same domain as our existing company. So I need to figure out how to make this work all within one domain.

djdomi
This is called domain trust; you can delegate the trust in one or both directions.
Score:1

Based on your question and comments that it will be a single forest/single domain -- then it's just a matter of proper OU structure and Delegation of rights within AD.

See here from Microsoft for more info: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/delegating-administration-by-using-ou-objects

Basically, you are creating specific OU structures and then setting rights for the IT admins based on the structure you want to delegate.
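One way to carry out the OU-plus-delegation approach described in the answer above, as an added example that is not part of the original answer. The OU name `Site-Remote`, the group name `Remote-OU-Admins`, the three child OUs and the choice of `dsacls` to write the ACEs are all assumptions for illustration.

```powershell
# Added example. All names below are placeholders, not values from the thread.
Import-Module ActiveDirectory

$domain    = Get-ADDomain
$siteName  = 'Site-Remote'        # hypothetical OU for the remote site
$groupName = 'Remote-OU-Admins'   # hypothetical delegation group

# 1. Build the OU subtree the remote IT team will manage.
$siteOU = New-ADOrganizationalUnit -Name $siteName `
    -Path $domain.DistinguishedName -PassThru
$typeByOU = [ordered]@{ Users = 'user'; Groups = 'group'; Computers = 'computer' }
foreach ($name in $typeByOU.Keys) {
    New-ADOrganizationalUnit -Name $name -Path $siteOU.DistinguishedName
}

# 2. Create the delegation group OUTSIDE the delegated subtree, so its
#    membership stays under central control. Do not nest it into
#    Domain Admins or Account Operators; the OU ACEs are its only rights.
New-ADGroup -Name $groupName -SamAccountName $groupName `
    -GroupScope DomainLocal -GroupCategory Security `
    -Path $domain.UsersContainer

# 3. Grant rights per child OU, scoped to one object class each:
#    CCDC = create/delete child objects of that class (this OU and below)
#    GA   = full control over existing objects of that class (descendants only)
$trustee = "$($domain.NetBIOSName)\$groupName"
foreach ($name in $typeByOU.Keys) {
    $ouDN  = "OU=$name,$($siteOU.DistinguishedName)"
    $class = $typeByOU[$name]
    dsacls $ouDN /I:T /G "${trustee}:CCDC;$class" | Out-Null
    dsacls $ouDN /I:S /G "${trustee}:GA;;$class"  | Out-Null
}

# 4. Review what was granted: list every ACE for the group on each OU.
foreach ($name in $typeByOU.Keys) {
    $ouDN = "OU=$name,$($siteOU.DistinguishedName)"
    (Get-Acl -Path "AD:\$ouDN").Access |
        Where-Object { $_.IdentityReference.Value -eq $trustee } |
        Select-Object @{ n = 'OU'; e = { $name } },
            ActiveDirectoryRights, InheritanceType, ObjectType, InheritedObjectType
}
```

Run it from an account that can modify ACLs at the domain root, on a host with the RSAT ActiveDirectory module; then move the remote site's users, groups and computers into the matching child OUs.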
