If you need to present the Help Desk with a restricted view of Active Directory Users and Computers, just displaying selected users, you can use the following methodology:
01. Open MMC.EXE.
02. On the File menu, press Add/Remove snap-in.
03. Press the Add button.
04. Double-click Active Directory Users and Computers.
05. Press Close.
06. Press OK.
07. Expand the Active Directory Users and Computers \[<ComputerName>.<DomainName>\] item until you can see one of the user names you are interested in seeing in the right-hand pane.
08. On the View menu, press Filter Options.
09. Check the Create custom filter radial box and press the Customize button.
10. Select the Advanced tab.
11. Type the LDAP filter:
If you only wanted user Jerry: (objectcategory=person)(samaccountname=Jerry) If you wanted user Jerry and Jennifer: (objectCategory=Person)(|(sAMAccountName=Jerry)(sAMAccountName=Jennifer)) If you wanted all users whose user logon name started with an A, B, or C: (objectCategory=Person)(|(sAMAccountName=A*)(sAMAccountName=B*)(sAMAccountName=C*))12. Press OK and OK.
13. Navigate to verify that only the users you selected are displayed.
14. On the View menu, press Customize.
15. Uncheck all items.
16. Press OK.
17. On the File menu, press Save As.
18. Save the .msc file using a meaningful name. The default location is "%USERPROFILE%\Start Menu\Programs\Administrative Tools" but I would save it to a location that is easily accessible to the Help Desk. You might even want to create a shortcut to the .msc file.
NOTE: When the Help Desk opens the .msc file, the users you selected will be displayed.