Q

How do I "undelegate" a user group in AD?

In our Active Domain we have delegated a security group to have the right to add computers to another OU. How do...

I "undelegate" that user group if the need arises?

We thought it would be better to place the users in the group, and delegate the group with the thought that it would be easier to change group membership than to manage individual users.
You are correct -- it's best to have functions and responsibilities assigned through group memberships rather than simply on a user-by-user basis. Un-delegating a responsibility from a group is as simple as deleting their privilege for that action from the Active Directory policy manager.

This was last published in May 2004

Dig Deeper on Microsoft Active Directory Design and Administration

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close