In a school situation - we have just upgraded our AD Servers to Server 2003 Enterprise R2 from Server 2003 Std.
I have been told with R2 it is possible to allocate the ability to certain users to change passwords of others for a specific OU.
In this case we want 2 staff members who we DON'T want to be Domain Admins to be able to change only student passwords. All students are in their own security & distribution group and in their own OU.
So far I haven't found any info on how to do it yet..
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…