AP152 - Alterando as tarefas
administrativas do delegation of control wizard
| Autor: |
Ademir Yuri |
| Publicação: |
03/Mar/2005 |
Overview
 Vamos
mostrar como alterar as tarefas administrativas do DELEGATION OF CONTROL
WIZARD que por padrão permite apenas 13 tarefas administrativas para
mais de 70 opções disponíveis.
Solução
-
Ir em Start depois em Run
-
Digitar Explorer.
-
Navegar até a pasta <Instalação do Windows>\Inf.
Obs.:Normalmente C:\Windows\Inf
-
Clique com o botão direito do mouse no arquivo
Delegwiz.inf depois em Copy.
-
Clique com o botão direito do mouse em uma área
branca na janela do explorer e clique em Paste.
-
Clique com o botão direito do mouse no arquivo
Copy of Delegwiz.inf depois em Rename. Digite
Delegwiz_bkp.inf.
-
Copie e cole o texto abaixo ou
clique aqui para fazer download do
arquivo.
[Version]
signature="$CHICAGO$"
[DelegationTemplates]
Templates = template1, template2, template3, template4,
template5, template6, template7, template8, template9,
template10, template11, template12, template13, template14,
template15, template16, template17, template18, template19,
template20, template21, template22, template23,template24,
template25, template26, template27, template28, template29,
template30, template31, template32, template33,template34,
template35, template36, template37, template38, template39,
template40, template41, template42, template43,template44,
template45, template46, template47, template48, template49,
template50, template51, template52, template53,template54,
template55, template56, template57, template58, template59,
template60, template61, template62, template63,template64,
template65, template66, template67, template68, template69, template70
;---------------------------------------------------------
[template1]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Create, delete, and manage user accounts"
ObjectTypes = SCOPE, user
[template1.SCOPE]
user=CC,DC
[template1.user]
@=GA
;---------------------------------------------------------
;---------------------------------------------------------
[template2]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Reset user passwords and force password change at next logon"
ObjectTypes = user
[template2.user]
CONTROLRIGHT= "Reset Password"
pwdLastSet=RP,WP
;----------------------------------------------------------
;----------------------------------------------------------
[template3]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Read all user information"
ObjectTypes = user
[template3.user]
@=RP
;----------------------------------------------------------
[template4]
AppliesToClasses = organizationalUnit,container
Description = "Create, delete and manage groups"
ObjectTypes = SCOPE, group
[template4.SCOPE]
group=CC,DC
[template4.group]
@=GA
;----------------------------------------------------------
;----------------------------------------------------------
[template5]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify the membership of a group"
ObjectTypes = group
[template5.group]
member=RP,WP
;----------------------------------------------------------
;----------------------------------------------------------
[template6]
AppliesToClasses = domainDNS
Description = "Join a computer to the domain"
ObjectTypes = SCOPE
[template6.SCOPE]
computer=CC
;----------------------------------------------------------
;----------------------------------------------------------
[template7]
AppliesToClasses = domainDNS,organizationalUnit,site
Description = "Manage Group Policy links"
ObjectTypes = SCOPE
[template7.SCOPE]
gPLink=RP,WP
gPOptions=RP,WP
;----------------------------------------------------------
;---------------------------------------------------------
[template8]
AppliesToClasses=domainDNS,organizationalUnit
Description = "Generate Resultant Set of Policy (Planning)"
ObjectTypes = SCOPE
[template8.SCOPE]
CONTROLRIGHT= "Generate Resultant Set of Policy (Planning)"
;----------------------------------------------------------
;---------------------------------------------------------
[template9]
AppliesToClasses=domainDNS,organizationalUnit
Description = "Generate Resultant Set of Policy (Logging)"
ObjectTypes = SCOPE
[template9.SCOPE]
CONTROLRIGHT= "Generate Resultant Set of Policy (Logging)"
;----------------------------------------------------------
;---------------------------------------------------------
[template10]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Create, delete, and manage inetOrgPerson accounts"
ObjectTypes = SCOPE, inetOrgPerson
[template10.SCOPE]
inetOrgPerson=CC,DC
[template10.inetOrgPerson]
@=GA
;---------------------------------------------------------
;---------------------------------------------------------
[template11]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Reset inetOrgPerson passwords and force password change at next logon"
ObjectTypes = inetOrgPerson
[template11.inetOrgPerson]
CONTROLRIGHT= "Reset Password"
pwdLastSet=RP,WP
;----------------------------------------------------------
;----------------------------------------------------------
[template12]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Read all inetOrgPerson information"
ObjectTypes = inetOrgPerson
[template12.inetOrgPerson]
@=RP
;----------------------------------------------------------
;---------------------------------------------------------
[template13]
AppliesToClasses=container
Description = "Create, Delete, and Manage WMI Filters"
ObjectTypes = SCOPE, msWMI-Som
[template13.SCOPE]
msWMI-Som=CC,DC
[template13.msWMI-Som]
@=GA
;----------------------------------------------------------
;---------------------------------------------------------
[template14]
AppliesToClasses=domainDNS,organizationalUnit
Description = "Create an Organizational Unit"
ObjectTypes = SCOPE
[template14.SCOPE]
organizationalUnit=CC
;----------------------------------------------------------
;---------------------------------------------------------
[template15]
AppliesToClasses=domainDNS,organizationalUnit
Description = "Delete a child Organizational Unit"
ObjectTypes = SCOPE
[template15.SCOPE]
organizationalUnit=DC
;----------------------------------------------------------
;---------------------------------------------------------
[template16]
AppliesToClasses=organizationalUnit
Description = "Delete this Organizational Unit"
ObjectTypes = organizationalUnit
[template16.organizationalUnit]
@=SD
;----------------------------------------------------------
;---------------------------------------------------------
[template17]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Rename an Organizational Unit"
ObjectTypes = organizationalUnit
[template17.organizationalUnit]
ou=WP
name=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template18]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify Description of an Organizational Unit"
ObjectTypes = organizationalUnit
[template18.organizationalUnit]
description=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template19]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify Managed-By Information of an Organizational Unit"
ObjectTypes = organizationalUnit
[template19.organizationalUnit]
managedBy=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template20]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Delegate Control of an Organizational Unit"
ObjectTypes = organizationalUnit
[template20.organizationalUnit]
@=WD
;----------------------------------------------------------
;---------------------------------------------------------
[template21]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Create a group"
ObjectTypes = SCOPE
[template21.SCOPE]
group=CC
;----------------------------------------------------------
;---------------------------------------------------------
[template22]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Delete a child group"
ObjectTypes = SCOPE
[template22.SCOPE]
group=DC
;----------------------------------------------------------
;---------------------------------------------------------
[template23]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Delete this group"
ObjectTypes = group
[template23.group]
@=SD
;----------------------------------------------------------
;---------------------------------------------------------
[template24]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Rename a group"
ObjectTypes = group
[template24.group]
cn=WP
name=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template25]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Specify the Pre-Windows 2000 compatible name for the group"
ObjectTypes = group
[template25.group]
sAMAccountName=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template26]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify the description of a group"
ObjectTypes = group
[template26.group]
description=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template27]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify the scope of the group"
ObjectTypes = group
[template27.group]
groupType=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template28]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify the type of the group"
ObjectTypes = group
[template28.group]
groupType=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template29]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify notes for a group"
ObjectTypes = group
[template29.group]
info=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template30]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify group membership"
ObjectTypes = group
[template30.group]
member=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template31]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Specify Managed-By Information of a Group"
ObjectTypes = group
[template31.group]
managedBy=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template32]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Create a computer account"
ObjectTypes = SCOPE
[template32.SCOPE]
computer=CC
;----------------------------------------------------------
;---------------------------------------------------------
[template33]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Delete a child computer account"
ObjectTypes = SCOPE
[template33.SCOPE]
computer=DC
;----------------------------------------------------------
;---------------------------------------------------------
[template34]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Delete this computer account"
ObjectTypes = computer
[template34.computer]
@=SD
;----------------------------------------------------------
;---------------------------------------------------------
[template35]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Rename a computer account"
ObjectTypes = computer
[template35.computer]
@=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template36]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Disable a computer account"
ObjectTypes = computer
[template36.computer]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template37]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Reset a computer account"
ObjectTypes = computer
[template37.computer]
CONTROLRIGHT= "Reset Password"
;----------------------------------------------------------
;---------------------------------------------------------
[template38]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Specify the computer's description"
ObjectTypes = computer
[template38.computer]
description=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template39]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Specify Managed-By information for a computer account"
ObjectTypes = computer
[template39.computer]
managedBy=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template40]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Specify that a computer account be trusted for delegation"
ObjectTypes = computer
[template40.computer]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template41]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Create a user account in disabled state"
ObjectTypes = SCOPE
[template41.SCOPE]
user=CC
;----------------------------------------------------------
;---------------------------------------------------------
[template42]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Create a user account"
ObjectTypes = SCOPE , user
[template42.SCOPE]
user=CC
[template42.user]
userAccountControl=WP
CONTROLRIGHT= "Reset Password"
;----------------------------------------------------------
;---------------------------------------------------------
[template43]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Delete a child user account"
ObjectTypes = SCOPE
[template43.SCOPE]
user=DC
;----------------------------------------------------------
;---------------------------------------------------------
[template44]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Delete this user account"
ObjectTypes = user
[template44.user]
@=SD
;----------------------------------------------------------
;---------------------------------------------------------
[template45]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Rename a user account"
ObjectTypes = user
[template45.user]
cn=WP
name=WP
distinguishedName=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template46]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Disable a user account"
ObjectTypes = user
[template46.user]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template47]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Unlock a user account"
ObjectTypes = user
[template47.user]
lockoutTime=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template48]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Enable a disabled user account"
ObjectTypes = user
[template48.user]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template49]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Reset a user account's password"
ObjectTypes = user
[template49.user]
CONTROLRIGHT= "Change Password"
;----------------------------------------------------------
;---------------------------------------------------------
[template50]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Force a user account to change the password at the next logon"
ObjectTypes = user
[template50.user]
CONTROLRIGHT= "Reset Password"
userPassword=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template51]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify a user's display name"
ObjectTypes = user
[template51.user]
adminDisplayName=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template52]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify a user account's description"
ObjectTypes = user
[template52.user]
description=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template53]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify a user's office location"
ObjectTypes = user
[template53.user]
physicalDeliveryOfficeName=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template54]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify a user's telephone number"
ObjectTypes = user
[template54.user]
telephoneNumber=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template55]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify the location of a user's primary web page"
ObjectTypes = user
[template55.user]
wWWHomePage=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template56]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify a user's UPN"
ObjectTypes = user
[template56.user]
userPrincipalName=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template57]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify a user's Pre-Windows 2000 user logon name"
ObjectTypes = user
[template57.user]
sAMAccountName=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template58]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Modify the hours during which a user can log on"
ObjectTypes = user
[template58.user]
logonHours=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template59]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Specify the computers from which a user can log on"
ObjectTypes = user
[template59.user]
userWorkstations=WP
;----------------------------------------------------------
;---------------------------------------------------------
;[template60]
;AppliesToClasses=domainDNS,organizationalUnit,container
;Description = "Set User cannot change password for a user account"
;ObjectTypes = user
;[template60.user]
;CONTROLRIGHT= "Change Password"
;----------------------------------------------------------
;---------------------------------------------------------
[template61]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Set Password Never Expires for a user account"
ObjectTypes = user
[template61.user]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template62]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Set Store Password Using Reversible Encryption for a user account"
ObjectTypes = user
[template62.user]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template63]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Disable a user account"
ObjectTypes = user
[template63.user]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template64]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Set Smart card is required for interactive logon for a user account"
ObjectTypes = user
[template64.user]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template65]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Set Account is sensitive and cannot be delegated for a user account"
ObjectTypes = user
[template65.user]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template66]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Set Use DES encryption types for this account for a user account"
ObjectTypes = user
[template66.user]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template67]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Set Do not require Kerberos pre-authentication for a user account"
ObjectTypes = user
[template67.user]
userAccountControl=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template68]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Specify the date when a user account expires"
ObjectTypes = user
[template68.user]
accountExpires=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template69]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Specify a profile path for a user"
ObjectTypes = user
[template69.user]
profilePath=WP
;----------------------------------------------------------
;---------------------------------------------------------
[template70]
AppliesToClasses=domainDNS,organizationalUnit,container
Description = "Specify a logon script for a user"
ObjectTypes = user
[template70.user]
scriptPath=WP
;----------------------------------------------------------
-
Clique com o botão direito do mouse no arquivo
Delegwiz.inf depois em Open.
-
No editor de texto pressione Ctrl+A para selecionar
todo o conteúdo do arquivo.
-
No editor de texto pressione Ctrl+V para substituir
todo o conteúdo do arquivo pelo que foi copiado no ítem 7.
-
No editor de texto clique em File depois em Save.
Feche o editor de texto.
-
Para verificar a alteração no DELEGATION OF CONTROL
WIZARD execute o Active Directory Users and Computers. Clique com o
botão direito na Organization Unit desejada e depois em Delegate
Control.
-
Siga os passos do Wizard até chegar na tela abaixo.
Observações:
O
arquivo Delegwiz.inf deverá ser copiado para todos os controladores
de domínio em que você desejar executar o DELEGATION OF CONTROL
WIZARD com as opções alteradas.
A
instalação do Service Pack 1 insere novamente o arquivo Delegwiz.inf
com as 13 opções padrões.
Delegwiz.inf padrão
Delegwiz.inf alterado
Conclusão
Com este
tutorial mostramos como alterar o arquivo Delegwiz.inf para prover mais de 70
opções de tarefas administrativas no DELEGATION OF CONTROL WIZARD.
|
