You know I just realized there is a way you could pull this off. Create the separate OU like Matjaz recommends and set
up the acc op delegation there and then modify the adminsdholder object to have inheritance... I would not recommend
this though as that inheritance being turned off is to protect you in case somehow an admin ID gets moved into an OU
where some normal person has full user delegation given to them or one of several critical attributes delegated to their
control because they could manipulate the admin ID and gain control of the directory.
--
Joe Richards
www.joeware.net