O'Reilly logo

Microsoft® Windows® Group Policy Guide by William R. Stanek, Derek Melber, Darren Mar-Elia, The Microsoft Group Policy Team

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Delegating Privileges for Group Policy Management

In Active Directory, administrators are automatically granted permissions for performing different Group Policy management tasks. Other individuals can be granted such permissions through delegation. In Active Directory, you delegate Group Policy management permissions for very specific reasons. You delegate to allow a user who is not a member of Enterprise Admins or Domain Admins to perform any or all of the following tasks:

  • View settings, change settings, delete a GPO, and modify security

  • Manage links to existing GPOs or generate RSoP

  • Create GPOs (and therefore also be able to manage any GPOs she has created)

The sections that follow explain how you can determine who has these permissions and how ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required