So we would like to start delegating a lot of user management to our HR department. I have created a security group and set the delegation permissions for that group. I have put the MMC on all of their desktops and need to install / enable the RSAT tool
and make sure that users do not have access to do anything apart from what the security group allows them access to. Is there a good policy to implement for users to prevent them from accessing the RSAT tool/doing anything inside of it but which will also
let those users in the correct security group to open the customized mmc and perform the permitted actions from there?
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.