There is a requirement to restrict permissions to Add/Remove group members to a specific number of users.
1.- Create a new custom access template to deny add/remove group members:
2. Select the SeniorAdmins group, now in the bottom view (Advanced Details Pane), right click and select “Add”:
3. Add the trustee, so the JuniorAdmins group:
4. Select the custom access template that denies Add/Remove members:
5. Now when a JuniorAdmin user runs the MMC, the junior admin will not be able to add or remove members in the SeniorAdmins group:
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center