DSfW: Rights for a user to join workstations to the domain

Document ID:7005771
Creation Date:19-Apr-2010
Modified Date:15-Mar-2013
- Micro Focus Products:
  eDirectory
  Open Enterprise Server

Environment

Novell Open Enterprise Server 11 SP1 (OES11SP1)

Novell Open Enterprise Server 2 SP2 (OES2SP2)
Domain Services for Windows
DSFW

Situation

What rights and to what objects does a user need to join workstations to the domain?

What rights does a user need to join workstations to the domain?

What rights does a group need to join workstations to the domain?

Resolution

The minimum rights needed for a user or group to join a workstation to the domain are

Entry: Browse and Create

Additional rights that could be added are Rename and Delete if you want the user or group to have rights to rename or delete a computer object.

Assign the rights to the computers container (default location for computer objects) or to any container where the workstation objects reside. If the workstation accounts are located in a container other than the default location it is recommended only workstation accounts reside in that location. Do not mix users or other objects in the container.

Assigning supervisor rights to the computers container to join workstations to the domain will give the user or group all rights to objects within the container (and below if inheritance is checked).

To add a user as a trustee of the computer container select the container and choose Modify Trustee from the Actions menu

Screenshot1

Click the Add Trustee button and select the user

Screenshot2

Click on the Assign Rights link and add the appropriate rights, then click done.

Screenshot3