Get MCITP Certified Guaranteed Using the Group Policy Modeling Tool
In total, this list contains eleven options that you need to be familiar with:Create, Delete, and Manage User Accounts This delegation is used when you need to give permission for a user or group to have control over the administration of accounts. With this permission, the user or group has the authority to create, delete, and modify accounts according to the design speci?cations they desire.
Reset User Passwords and Force Password Change at Next MCITP Logon Probably the most often used delegation, this gives a user or group the ability to change passwords for the speci?c area that has been delegated for them.
Read All User Information Mostly used for auditing and security purposes, this gives per-mission to read all user information in the entire account. This should be used sparingly.
Create, Delete and Manage Groups This gives the delegate the authority to administer groups and is usually coupled with the ability to create user accounts. With this, the del- egate has the authority to truly start managing the infrastructure.
Modify the Membership of a Group A more ?nite and granular approach to delegation is to allow the delegate to modify the membership of a group, rather than the ability to man- age the group with the permissions to delete and create groups. This is more secure and convenient for administrators.
Manage Group Policy Links I’ll cover GPOs more heavily in Chapter 6, but MCITP Exams GPOs will sometimes need delegates to control them for ease of administration. With this option, the delegate can modify GPO links and alter their settings.
Generate Resultant Set of Policy (Planning) This allows the delegate to use the RSoP snap-in
in planning mode to view results.Generate Resultant Set of Policy (Logging) This allows the delegate to use the RSoP snap-in in logging mode to view results.
Create, Delete and Manage inetOrgPerson Accounts Sometimes delegates will deal with non-Microsoft LDAP and X.500 directory services that use inetOrgPerson mail accounts. With this delegation, delegates can create these accounts and modify them.
Processing your request, Please wait....
