5-7: Role-Based Management of Active Directory Delegation
Type of solution
Guidance and tools
Features and tools
Role-based management, Active Directory groups, delegation, Delegation_Report.hta
Apply concepts of role-based management to Active Directory delegation so that the assignment of administrative tasks can be accomplished by changing group memberships rather than ACLs on Active Directory objects.
By representing delegations with capability management groups, it becomes significantly easier to assign and revoke administrative tasks. You can also use tools such as Delegation_Report.hta and Members_Report.hta to audit and report delegation.
In Chapter 1, I presented the concepts and tools related ...