Task-based Administrative Control Design

By Author: fiona
Total Articles: 191
Comment this article

In the task-based design, administration of specific A+ training course group policies is delegated to administrators that handle the associated specific tasks, such as security or applications. In this case, the GPOs are designed to contain only a single type of Group Policy setting, as described earlier in this lesson. In the example shown in Figure 10-12, security administrators have the ability to manage security GPOs in all OUs. Applications administrators have the ability to manage applications GPOs in all OUs. You can accomplish this by assigning Full Control permission to the security administrators for the security GPOs and Full Control permission to the applications administrators for the applications GPOs. This design is best suited for organizations in which adminis?trative responsibilities are task-based and delegated among several individuals.
Administrative control of GPOs can be delegated by using a centralized, decentralized, or task-based administrative control design. In the centralized design, administration of Group Policy is delegated only to top-level OU ...
... administrators. In the decentralized design, administration of Group Policy is delegated to top-level and to second-level OU administrators. In the task-based design, administration of specific group policies is delegated to administrators that handle the associated specific tasks.
Decentralized Administrative Control Design
In the decentralized design, administration of Group Policy is delegated to top-level and to second-level OU administrators. In the example shown in Figure 10-11, top-level OU administrators have the ability to manage 220-702 exam in the top-level OU. Second-level OU administrators have the ability to manage GPOs in their second-level OUs. You can accomplish this by assigning Full Control permission to top-level OU administrators for the top-level OU GPOs and Full Control permission to second-level OU administrators for their second-level OU GPOs. This design is best suited for organiza?tions that delegate levels of administration.
Centralized Administrative Control Design
In the centralized design, administration of Group Policy is delegated only to top-level OU administrators. In the example shown in Figure 10-10, top-level OU administrators have the ability to manage all GPOs in the domain. Second-level OU administrators do not have the ability to manage GPOs. You can accomplish this by assigning Full Control permission to top-level free it certification administrators. This design is best suited for organizations that want to consolidate the administration of group policies.