by dcoz at 2013-01-03 15:05:10
Hi guys,by Infradeploy at 2013-01-04 01:36:28
I am creating several computer accounts within AD and i am looking to delegate the right to allow a group of users to join the computer to the domain.
After having a look at the Quest AD cmdlets is the parameter -managedby the parameter i require when i use the cmd-let new-qadcomputer to accomplish this?
Thanks
Dougie
Nope. You’d have to change the ACL on the computer object. Delegation of control on an OU would accomplish this, or change it by script through set-acl or dacls (command line) per computer objectby RichardSiddaway at 2013-01-04 06:20:03
Users by default can join 10 machines to the domain
Try creating a computer account in AD users and computers and modify who can join it to the domain. You’ll then see the permissions required to perform the join.