What is the delegation of control?
Inspection delegation is when the organizational unit (ou) - an object or group in the computer directory - gets a certain amount of control over functions. The control is usually minimal compared to the task, so the user can only perform the specified role and nothing else. Administrators and people in high positions, such as managers and owners, will receive the highest control delegation, with several restrictions on events. The check is usually divided into the department and provides managers to check over the only OU that allows the manager to add or delete the user.
is the directory of users and serves several purposes. It allows redundant data such as two people with the same name, but in different departments. This also gives users a way to organize employees and other users in terms of departments, employee levels, and overall delegation of inspection.Al the amount needed to complete the task. For example, if the user is assigned to write records, he will be given access to the addition of records. NiThe watelings should not add new users to OU or delete users because these functions are outside the user's work line. Providing a special check can cause security problems and therefore only a minimum check is granted.
People in higher positions, such as an administrator or manager, are provided with a higher control delegation. The manager is usually granted full control, but only for the group in OU. This allows the manager to do what he feels is suitable for this department, but the manager cannot interfere with other OU groups. Administrators usually have access to all OU groups, because if a technical error occurs or if the manager does not know how to perform the function, the manager can act manager.
is usually divided into several departments. This keeps the managers and departments separate, so they cannot interfere with each other, but also provides further use. The control delegation is dividedand access to group and users. This means that the whole group gets a certain level of access, but separate users can be provided with additional access if it is considered necessary. A higher approach is usually granted only if the user is promoted or must perform a task that requires further access to data.