- Log in to your Active Directory server.
- Select Start > Programs > Administrative Tools > Active Directory Users and Computers.
- Right-click on the domain (listed at the top of the tree), then select Delegate Control.
- Click Next.
- Click Add.
- Enter the LDAP Username of the account you wish to delegate control to in the text box.
- Click Check Names to verify the name.
- Click OK.
- Click Next.
- Select Create a custom task to delegate and click Next.
- Select Only the following objects in the folder and check the User objects box.
- Click Next.
- Under Show these permissions, place check the General box.
- Under Permissions, check the Read box.
- Click Next, then click Finish button.
Delegating Control for the Authentication User in Active Directory
Updated