Active Directory Security dot com Complete Coverage of Delegation, Security Audit & Compliance Reporting in Active Directory Brought to you by former Microsoft Program Manager for Active Directory Security

	REFERENCE GUIDANCE REPORTING Reference | Top-20 D | Risks | FAQ Delegate | Verify | Assess | Audit | Report | Comply Reports |  Free Tools

| Delegating Account Mgmt | Delegating Group Mgmt | Delegating OU Mgmt | Delegating SCP Mgmt |

Delegating Group Management in Active Directory ADMINISTRATIVE TASK . HOW TO DELEGATE THE TASK . SECURITY IMPLICATIONS OF TASK (when performed with malicious intent) 1. Create a security group Grant Create Child permissions on the parent object to create Group objects Mislead others user to mistakenly grant your group access to IT assets. 2. Delete a security group Grant Standard Delete permissions on the group object or Delete Child permissions on the parent object Jeopardize security of IT assets being protected by that security group. 3. Modify a security group     membership Grant Write Property permissions on the group object to modify the Member attribute Obtain access to all IT assets to which that group is provisioned access. 4. Change a security group's     scope Grant Write Property permissions on the group object to modify the Group-Type attribute Alter use of security group to weaken security for certain protected assets. 5. Change a security group's     type Grant Write Property permissions on the group object to modify the Group-Type attribute Jeopardize security of IT assets being protected by that security group.

	What if you could find out who is delegated what group management tasks in Active Directory? You can, with the Gold Finger Active Directory Reporting Tool           Download your Free copy

<	About	Copyright ActiveDirSec.Com 2008 – 2010. All Rights Reserved	Disclaimer	>