How do I prevent Admins from using native tools (ADU&C) from managing objects in AD? (NETIQKB53328)

  • 7753328
  • 02-Feb-2007
  • 19-Jun-2007



How do I prevent Admins from using native tools like Active Directory Users and Computers (ADU&C) to manage objects in AD?


How do I force Admins to use DRA and not ADU&C?

Directory and Resource Administrator 6.x

Directory and Resource Administrator 7.x

Directory and Resource Administrator 8.0


To prevent Admins from using ADU&C to manage objects in AD, you must remove any native permissions Admins may have, such as membership in the Domain Admins group, Local Admins group, or any other group that grants permissions in AD. Once you remove any native permissions for Admin accounts, you can assign Admin accounts to ActiveViews or add them to Assistant Admin groups in DRA. Removing all native permissions forces Admin accounts to use DRA to manage objects in AD.

Additional Information

Formerly known as NETIQKB53328