Delegation:ServerAdmin /TrusteeGroup:<name of the universal group that you will delegate to> /TrusteeDomain: <FQDN of the domain where the trustee group resides> /ServiceAccount:<RTC service account name> /ComponentServiceAccount:<RTC component service account name> /ComputerOU:<DN of the OU or container where the computer objects that run Office Communications Server reside> /PoolName:<Name of an Enterprise pool or Standard Edition server> [/ExtraServers:<FQDN of server1, FQDN of server2>]
TrusteeGroup is the group to which you are granting permissions.
TrusteeDomain is the domain in which the trustee group resides.
ServiceAccount is the Real-time Communications (RTC) service account name.
ComponentServiceAccount is the RTC component service account name.
ComputerOU is the distinguished name (DN) of the OU containing the computer running the server to which you are granting administrative permissions.
PoolName is the name of the Standard Edition server or Enterprise pool in which the trustee group can administer servers; adds the trustee group to the Local Administrators group of each computer in the pool to the AdminRole of the RTC database, and to the ReadWriteRole of the RTCConfig database on the SQL Server back-end database server.
ExtraServers is a comma separated list of fully qualified domain names (FQDNs) of computers that are not part of a pool to which the trustee group requires access. You can enter the FQDN of Archiving Servers, Monitoring Servers (that is, Call Detail Recording (CDR) and Quality of Experience (QoE)), Mediation Servers, or the internal FQDN of edge servers (that is, if the edge servers are domain edge servers; if they are in a workgroup, they cannot be delegated).
Delegating User Administration
To administer Office Communications Server users, a user must have an account in the DomainAdmins group or the RTCUniversalUserAdmins group. Some organizations do not want to grant membership in the DomainAdmins group to users or groups who only need to manage Office Communications Server users. You can choose to add unauthorized users or groups to the RTCUniversalUserAdmins group, which is a universal group that can administer all users in the forest. By delegating user administration, you can grant a user or group the subset of permissions required to administer a specific set of Office Communications Server users.
When you delegate user administration, you grant the following permissions:
Read permissions to global settings
Read permissions to a computer organizational unit (OU)