Solved

Where will I find reference material on AD object properities, so that I can then assign appropriate privilege

Posted on 2008-10-08
3
464 Views
Last Modified: 2013-12-04
I was requested to assign a data entry person privileges to update User information in Active Directory,

I delegated a group the privilege to read and write a number of User properties on the User Object in Active Directory.  The data entry lady came back to me and said that she could not access to edit 'State/Province' and 'Country/Region' properties.

Some how I failed to delegate these privileges.  There does not appear to be an obvious Security permissions for these attributes.

In summary, what I am asking is for a translation between the object fields that you see in Active Directory Users and Computers, and the security privileges presented in the Security tab
0
Comment
Question by:TheITServices
3 Comments
 
LVL 4

Expert Comment

by:Jerrod_W
ID: 22674491
Have you tried adding the users / group to the "Managed By" tab under the properties of the security group you want them to edit?
0
 

Author Comment

by:TheITServices
ID: 22675947
Hi Jerrod,

I do not want to give a user access to a group.  I want to be able to pick whcih properties a user can edit on a User object.  

Thanks
0
 
LVL 5

Accepted Solution

by:
Dawilliams earned 125 total points
ID: 22678517
Display Name    
 Ad Search name

                   
International ISDN Number (Others)
 internationalISDNNumber
 
accountExpires
 accountExpires
 
accountNameHistory
 accountNameHistory
 
aCSPolicyName
 aCSPolicyName
 
adminCount
 adminCount
 
altSecurityIdentities
 altSecurityIdentities
 
Assistant
 assistant
 
badPasswordTime
 badPasswordTime
 
badPwdCount
 badPwdCount
 
City
 l
 
codePage
 codePage
 
Comment
 comment
 
Company
 company
 
controlAccessRights
 controlAccessRights
 
Country
 co
 
Country Abbreviation
 c
 
countryCode
 countryCode
 
dBCSPwd
 dBCSPwd
 
defaultClassStore
 defaultClassStore
 
Department
 department
 
desktopProfile
 desktopProfile
 
destinationIndicator
 destinationIndicator
 
Division
 division
 
dynamicLDAPServer
 dynamicLDAPServer
 
E-Mail Address
 mail
 
E-Mail Address (Others)
 otherMailbox
 
Employee ID
 employeeID
 
Fax Number
 facsimileTelephoneNumber
 
Fax Number (Others)
 otherFacsimileTelephoneNumber
 
First Name
 givenName
 
garbageCollPeriod
 garbageCollPeriod
 
Generational Suffix
 generationQualifier
 
groupMembershipSAM
 groupMembershipSAM
 
groupPriority
 groupPriority
 
groupsToIgnore
 groupsToIgnore
 
Home Address
 homePostalAddress
 
Home Drive
 homeDrive
 
Home Folder
 homeDirectory
 
Home Phone
 homePhone
 
Home Phone (Others)
 otherHomePhone
 
Initials
 initials
 
International ISDN Number
 primaryInternationalISDNNumber
 
IP Phone Number
 ipPhone
 
IP Phone Number (Others)
 otherIpPhone
 
Job Title
 title
 
lastLogoff
 lastLogoff
 
lastLogon
 lastLogon
 
legacyExchangeDN
 legacyExchangeDN
 
lmPwdHistory
 lmPwdHistory
 
localeID
 localeID
 
lockoutTime
 lockoutTime
 
Logon Name
 userPrincipalName
 
Logon Name (pre-Windows 2000)
 sAMAccountName
 
Logon Workstations
 userWorkstations
 
logonCount
 logonCount
 
logonHours
 logonHours
 
logonWorkstation
 logonWorkstation
 
Manager
 manager
 
maxStorage
 maxStorage
 
mhsORAddress
 mhsORAddress
 
Middle Name
 middleName
 
Mobile Number
 mobile
 
Mobile Number (Others)
 otherMobile
 
mS-DS-CreatorSID
 mS-DS-CreatorSID
 
mSMQDigests
 mSMQDigests
 
mSMQDigestsMig
 mSMQDigestsMig
 
mSMQSignCertificates
 mSMQSignCertificates
 
mSMQSignCertificatesMig
 mSMQSignCertificatesMig
 
msNPAllowDialin
 msNPAllowDialin
 
msNPCallingStationID
 msNPCallingStationID
 
msNPSavedCallingStationID
 msNPSavedCallingStationID
 
msRADIUSCallbackNumber
 msRADIUSCallbackNumber
 
msRADIUSFramedIPAddress
 msRADIUSFramedIPAddress
 
msRADIUSFramedRoute
 msRADIUSFramedRoute
 
msRADIUSServiceType
 msRADIUSServiceType
 
msRASSavedCallbackNumber
 msRASSavedCallbackNumber
 
msRASSavedFramedIPAddress
 msRASSavedFramedIPAddress
 
msRASSavedFramedRoute
 msRASSavedFramedRoute
 
Name
 cn
 
networkAddress
 networkAddress
 
Notes
 info
 
ntPwdHistory
 ntPwdHistory
 
nTSecurityDescriptor
 nTSecurityDescriptor
 
o
 o
 
objectSid
 objectSid
 
Office Location
 physicalDeliveryOfficeName
 
operatorCount
 operatorCount
 
otherLoginWorkstations
 otherLoginWorkstations
 
ou
 ou
 
Pager Number
 pager
 
Pager Number (Others)
 otherPager
 
Phone Number (Others)
 otherTelephone
 
Post Office Box
 postOfficeBox
 
postalAddress
 postalAddress
 
preferredDeliveryMethod
 preferredDeliveryMethod
 
preferredOU
 preferredOU
 
primaryGroupID
 primaryGroupID
 
profilePath
 profilePath
 
pwdLastSet
 pwdLastSet
 
registeredAddress
 registeredAddress
 
rid
 rid
 
sAMAccountType
 sAMAccountType
 
scriptPath
 scriptPath
 
securityIdentifier
 securityIdentifier
 
servicePrincipalName
 servicePrincipalName
 
showInAddressBook
 showInAddressBook
 
sIDHistory
 sIDHistory
 
State/Province
 st
 
street
 street
 
Street Address
 streetAddress
 
supplementalCredentials
 supplementalCredentials
 
Telephone Number
 telephoneNumber
 
teletexTerminalIdentifier
 teletexTerminalIdentifier
 
Telex Number
 primaryTelexNumber
 
Telex Number (Others)
 telexNumber
 
terminalServer
 terminalServer
 
textEncodedORAddress
 textEncodedORAddress
 
thumbnailLogo
 thumbnailLogo
 
thumbnailPhoto
 thumbnailPhoto
 
Title
 personalTitle
 
tokenGroups
 tokenGroups
 
tokenGroupsGlobalAndUniversal
 tokenGroupsGlobalAndUniversal
 
tokenGroupsNoGCAcceptable
 tokenGroupsNoGCAcceptable
 
unicodePwd
 unicodePwd
 
userAccountControl
 userAccountControl
 
userCert
 userCert
 
userCertificate
 userCertificate
 
userParameters
 userParameters
 
userSharedFolder
 userSharedFolder
 
userSharedFolderOther
 userSharedFolderOther
 
userSMIMECertificate
 userSMIMECertificate
 
x121Address
 x121Address
 
ZIP/Postal Code
 postalCode
 
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now