adsi permission error

I use adsi in an asp page to allow the authenticated user to add/remove other users to a group. The code works when the authenticated user is an administrator, but all other attempts generate this error:

Active Directory error '80070005'
General access denied error

It references the line executing the permission change:
GroupObj.Add ("WinNT://servername/username")

I tried making the authenticated user a power user but
still only admin works. How do I allow someone other than admin to use this function? Thanks
sac389Asked:
Who is Participating?
 
Michel SakrConnect With a Mentor Commented:
you can't.. since an administrator can perform such tasks.. try to allow anonymous access an assign an administrator as the anonymous account.. you can set this in IIS.. this is an INTRANET I hope.. otherwise you'll need to create and encapsulate your code in a component, include it in COM+ and assign an admin account to run the package..
0
 
ZhongYuCommented:
You must be aware what you are trying to do. In a NT computer only members in administrators group can add/remove user accounts. You have to include the users into this group.
0
 
sac389Author Commented:
Thanks for your thoughts. I figured out that the creator of the group can add and remove members even if the creator is not an administrator. So I could create the groups with that person. But I want multiple people to have the ability to add and remove from the group. I have read that power users should be able to add and remove members also, but haven't gotten this to work yet.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.