An IT infrastructure is typically comprised of many IT assets such as user accounts, computers, files and databases, applications and services all of which need to be administered. In such IT infrastructures, it is not possible for a handful of administrators to adequately administer all aspects of the IT infrastructure.
Thus, in most IT infrastructures, administrative responsibilities for managing the various IT assets that together comprise the IT infrastructure are distributed (or delegated) amongst an adequate and typically greater number of less-privileged administrators, who are then responsible for managing smaller specific portions of the IT infrastructure.
Delegation of administration is the act of distributing and delegating an administrative task for various aspects of IT management amongst an adequate number of administrators.
The act of delegating administration involves granting one or more users or Active Directory security groups the necessary Active Directory security permissions as appropriate so as to able to allow the delegated administrator to carry out these tasks.
In the interest of security, after delegating an administrative task, IT personnel should always also verify delegation in Active Directory, so as to be sure that the task was delegated accurately. The process of verifying a delegation in Active Directory is rather complicated but with the right Active Directory Reporting Tool, IT personnel can accomplish this task efficiently and reliably.
Done right, Active Directory's powerful administrative delegation capabilities let organizations securely, efficiently and cost-effectively delegate administrative authority for identity and access management in their IT infrastructures thereby reducing cost and enhancing security.