Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [delegation]

141 questions
2
votes
1 answer

Difference between "Descendant User Objects" and just "User Objects"

i am trying to delegate permissions on a cetain OU to a certain group. All i find is "Descendatn User Objects" and not just "User Objects" ; we have those available in other domain; please do let me know what is the difference and how does it…
Darktux
  • 827
  • 5
  • 21
  • 36
2
votes
1 answer

Why would delegated nameservers ever be different to authoritative nameservers?

If you go on intodns.com and type in stackoverflow.com, the parent server tells me that nameservers for the domain are here: ns1.serverfault.com. ['198.252.206.80'] [TTL=172800] ns3.serverfault.com. ['69.59.196.217'] [TTL=172800] …
Lars
  • 407
  • 3
  • 10
2
votes
0 answers

Delegate rights to AD security group to Add UNIX Attributes

We have several Linux servers that are AD integrated, all our DC's are Server 2008R2 running at 2003 DFL and FFL with MSSFU installed. I wish to delegate the population of the UNIX Attributes tab to an AD group for our Service Desk. I have delegated…
malco
  • 465
  • 1
  • 7
  • 14
2
votes
1 answer

Delegation Permissions to admins in Active Directory/Taskpads

I am trying to provide taskpads to few admins to operate on few tasks delegated to them at OU level.I ran into the following problem; lets say i delegated access to the admin on OU X and which is ability to modify groups such as sample group X1 , he…
Darktux
  • 827
  • 5
  • 21
  • 36
2
votes
2 answers

Delegating Administrator Control in AD

My IT environment is growing, and I want to delegate Domain Admin control to specific OU's. This way at each site, the admin in that location can only make changes in his site-specific OU. In my current environment my AD is still in 2003. How can I…
Jake A
  • 454
  • 2
  • 10
  • 22
2
votes
1 answer

In Win/AD, does kerberos authentication require the services accounts to be the same?

I am trying to isolate the cause of a KRB5KDC_ERR_BADOPTION (13) that I am seeing come back in a WireShark trace. I have set an SPN to associate xxx/server.fqdn:port with the domain account that the xxx service is running under on the target…
Bye
  • 228
  • 2
  • 6
2
votes
1 answer

Delegate "Read" Ability to GPO's

Is there a way to allow a non-administrator to "read" (as in browse and look at the settings) of domain gpo's? I see in GPMC there is an option to allow delegation of "Read Group Policy Results data" but I'm not solid on whether that will provide…
Mitch
  • 1,147
  • 11
  • 20
2
votes
1 answer

How to enable Kerberos delegation from SQL Server to DFS File Share

I am trying to enable my MSSQL database users to BULK INSERT / OPENROWSET() a CSV file that is stored on our DFS/cifs/smb network shares. Initial Setup I have the MSSQL service set to run as a domain user account, EXAMPLE\svc_mssql, and have added…
JoeNahmias
  • 175
  • 6
1
vote
2 answers

MX record delegation

I have a client who manages their own DNS - all the A records and CNAME records for example.com and a number of subdomains. They want to use a dedicated subdomain for email - em.example.com. They want my company to manage the emails - not just the…
Doug McLean
  • 143
  • 9
1
vote
1 answer

How to properly set-up ou DNS Zone delegation for the "_acme-challenge" subdomain?

We have hard times setting up a DNS Zone Delegation for one of our subdomains. We have one DNS record "_acme-challenge" that will change frequently, and this DNS record is defined directly on our server, which acts as a SECONDARY Name Server only…
AlexLaforge
  • 206
  • 2
  • 13
1
vote
0 answers

Active Directory User Group Delegate Reset Password

I want to enable users to reset their AD passwords on our Windows Server 2012 through our Jira server. In order to make this happen, I added an AD user group with delegated control from the top-level OU for the following permissions: change…
mojoritty
  • 21
  • 3
1
vote
2 answers

Enabling Unconstrained Delegation on Active Directory Domains

Where can i see the setting in domain , if i enable "unconstrained Delegation" by using below command? netdom.exe trust fabrikam.com /domain:contoso.com /EnableTGTDelegation:Yes
Darktux
  • 827
  • 5
  • 21
  • 36
1
vote
1 answer

SOA for DNS delegation

I'll first say that what I'm doing now seems to work, though I'm unclear on whether it's correct. I have a domain registrar company (inherited from a contract) and a name server company, separate because the latter supports some features we need…
Reinderien
  • 212
  • 3
  • 14
1
vote
1 answer

How to configure delegation in an ASP.Net Core 2.0 app on windows with users authenticated via Azure AD

The Setup: I have a web app written in ASP.NET Core 2.0 that authenticates against Azure AD using OpenID Connect. It is running on a machine that is part of an Azure AD domain. The app does have an Application set up in Azure AD. The problem: We…
Geoff
  • 111
  • 5
1
vote
1 answer

Active Directory Delegated Permissions grant multiple users access to edit a Global Security group with powershell

Hello Fellow IT Guru’s I am hoping to gain a little knowledge here regarding the ability to manage Active Directory Delegated permissions through powershell. I’ve recently ran into an issue where I wanted to provide multiple users the ability to…
M Rahbari
  • 11
  • 2
1 2 3
9 10