Is there a way for our windows admin to allow us to add computers to our domain without giving us any other permissions. Jason

Users can be given those privileges. The Domain Admin should know how to do that. Life is more painless for those who are brainless.

Well he is kind of new to the whole active directory thing since we just switched to it about 6 months ago and he doesn't want to take the time to try to figure it out and he won't do it if it gives us more power than just adding the computers to the domain. If someone has done this can you give me a step by step so i can show him and get this setup so we don't have to wait on him when building computers? Thanks for the responses, Jason

How does he know what you show him doesn't give excessive power to your group? Have him look up Active Directory Delegation. There are too many variables that are related to your AD implementation that effect how to do this properly, especially your OU structure, and it's a decision he should be making on how to do this for you. FYI, if he doesn't know how to delegate this, he shouldn't be admining your AD environment. TECH-NO-LOGICAL ROMANCE! http://www.homestarrunner.com/tgs12.html

Hi Jason, Yes - It is very easy to allow certain users or groups permission to add computers to the domain. Simply follow these instructions: Open "Active Directory - Users & Computers" Right click on your domain Click "Delegate Control" at the top Click next Select the user or group which needs the permission - So most likely you, by clicking "Add" and searching to find the user or group, or type it in Simply select the tick box next to "Join A Computer To The Domain" Click "Next" Click "Finish" The user or group you selected should now be able to join computer to the domain, without problems. This will allow the user or group you selected to do this, but shouldn't allow them to do anything else. Good luck, All the best, Simon PS - This wizard is very useful, as it can be used to allow many other individual function for specific users or groups, without making them Administrators.

You don't need admin privileges to add computers to the domain. If you are talking about adding computer accounts, that is different and my be what you are talking about. Personally I wouldn't allow this. I'd prefer to add the computer accounts myself so I know who is trying to add a computer to the domain. But, if this is something you need to do, then the delegation wizard is certainly an option.