X hits on this document





101 / 123

group S-1-1-0   BUILTIN\Administrators                             Alias S-1-5-32-544         BUILTIN\Users                                      Alias S-1-5-32-545         NT AUTHORITY\INTERACTIVE                           Well-known group S-1-5-4   NT AUTHORITY\Authenticated Users                   Well-known group S-1-5-11 NT AUTHORITY\This Organization                     Well-known group S-1-5-15  LOCAL                                              Well-known group S-1-2-0 CONTOSO\RTCUniversalUserReadOnlyGroup Group       S-1-5-21-4264192570-  CONTOSO\RTCUniversalGlobalWriteGroup Group        S-1-5-21-4264192570-  CONTOSO\RTCUniversalGlobalReadOnlyGroup           S-1-5-21-4264192570-  CONTOSO\RTCUniversalServerReadOnlyGroup           S-1-5-21-4264192570-  CONTOSO\delegatedLSSetup Group                    S-1-5-21-4264192570-  CONTOSO\CERTSVC_DCOM_ACCESS Alias                 S-1-5-21-4264192570-

Delegating Server Administration

To administer Office Communications Server 2007 R2 Standard Edition or Office Communications Server 2007 R2 Enterprise Edition, a user must have an account in the DomainAdmins group or the RTCUniversalServerAdmins group. Some organizations do not want to grant membership in the DomainAdmins group to users or groups who only need to manage Office Communications Server. You can choose to add unauthorized users or groups to the RTCUniversalServerAdmins group, which is a universal group that can administer all servers in the forest. By delegating server administration, you can grant a user or group the subset of permissions required to administer a specific Office Communications Server.

When you delegate server administration, you grant the following permissions:

Read/write permissions to global settings

Read/write permissions to a computer organizational unit (OU) container

Optional Read permissions to a user OU container


You must specify an existing global or universal group to which you want to delegate permissions. You cannot use a local group.

To delegate server administration

1.Log on to a computer in the domain where you want to grant permissions. Use an account that is a member of the RTCUniversalServerAdmins and DomainAdmins groups or that has equivalent user rights.

2.Open a command prompt and then type the following command:

LcsCmd /Domain[:<domain FQDN>] /Action:CreateDelegation  /

Document info
Document views377
Page views378
Page last viewedMon Jan 16 15:43:10 UTC 2017