Extend Active Directory Delegation Wizard for Tasks

Active Directory Delegation Wizard is a nice tool to delegate recurring tasks within the AD user administration.

It can be extended with almost no limitations to enable the delegation of additional tasks.

Therefore the file delegwiz.inf has to be adapted.

Standard Tasks with AD Delegation Wizard

After the default installation of the Active Directory, some tasks are already predefined. Open the Delegation Wizard via context menu of the organizational unit by selecting “Delegate Control”. After selecting the object you want to authorize, the tasks to be authorized tasks are displayed.

These are well suitable to delegate tasks to the helpdesk or other employees. The above screenshot shows the default tasks from which you can choose.

Delegation Wizard – delegwiz.inf

Since Windows 2008, the contents of the Wizard are read from the following file:
%windir%\System32\delegwiz.inf

It can be extended almost to your desire. But before you extend it, the ownership of the file has to be taken over and the new owner has to be granted with writing permissions.

Here is an example how to extend Active Directory Delegation Wizard by one entry:

Copy the respective task into the file delegwiz.inf and add the name of the template (here: template47) to the line Templates = template1 of the template. 

After the next start of the Wizard, the new entry will be displayed to select:

The following article contains example data with 70 tasks available for delegation:
(Source: Microsoft Technet)

 
Here you can read more about other possibilities of  Active Directory Delegation.