AD – Delegate permissions to add / delete / move / modify computer objects

Our goal here is to delegate permissions for creating, deleting, moving, modifying computer objects in specified OU by specified group without being given full control over the object or OU. Go to OU Properties -> Security -> Advanced -> Add, then select principal (group or user you want to delegate permissions to), type – Allow. Permissions Tab […]