How do I prevent Admins from using native tools (ADU&amp;C) from managing objects in AD? (NETIQKB53328)

Document ID:7753328
Creation Date:02-Feb-2007
Modified Date:19-Jun-2007
- Micro Focus Products:
  Directory and Resource Administrator

Resolution

goal

How do I prevent Admins from using native tools like Active Directory Users and Computers (ADU&C) to manage objects in AD?

goal

How do I force Admins to use DRA and not ADU&C?

fact
Directory and Resource Administrator 6.x

fact
Directory and Resource Administrator 7.x

fact
Directory and Resource Administrator 8.0

fix

To prevent Admins from using ADU&C to manage objects in AD, you must remove any native permissions Admins may have, such as membership in the Domain Admins group, Local Admins group, or any other group that grants permissions in AD. Once you remove any native permissions for Admin accounts, you can assign Admin accounts to ActiveViews or add them to Assistant Admin groups in DRA. Removing all native permissions forces Admin accounts to use DRA to manage objects in AD.

Additional Information

Formerly known as NETIQKB53328

How do I prevent Admins from using native tools (ADU&amp;amp;C) from managing objects in AD? (NETIQKB53328)

Resolution

Additional Information

How do I prevent Admins from using native tools (ADU&C) from managing objects in AD? (NETIQKB53328)