Permissions to be able to add/delete contacts in Distribution Groups

Posted on 2008-11-19
Medium Priority
Last Modified: 2012-05-05
I am trying to delegate the task of adding contacts in Active Directory in the "Distribution Groups" OU. What permissions do I need to grant a user for him to be able to do this? I have tried delegating control to him over the desired Contacts folder and above and giving him read/write over the Global Address List in Exchange System Manager. What's the trick here? The symptoms are that he simply doesn't see the option to add a contact when he right-clicks in AD and selects "new". He also can't rename contacts or edit them.

Any ideas?
Question by:Foggier
  • 2
LVL 37

Expert Comment

by:Jian An Lim
ID: 23000810
you need to grand the right modify the membership of a group
(right click the OU, and delegate control)

Author Comment

ID: 23000860
Tried that. Any other ideas?
LVL 37

Expert Comment

by:Jian An Lim
ID: 23000880
goto the specific disitribution group
goto managed by, and change to the user. and select "manager can update membership list"
LVL 10

Accepted Solution

Rudram earned 2000 total points
ID: 23001845
* I believe that "the task of adding contacts in Active Directory in the "Distribution Groups" OU"; by this you mean  that you have a proper Organizational Unit (OU) in Active Directory Users and Computers (ADUC) console.

* So going with that assumption, if you want the user to be able to create any "Contact" object in that particular OU, then you could use the "Delegation of Control Wizard" in ADUC.

* Right click that "Distribution Groups" OU and then say Delegate Control.

* Follow the wizard, select the user whom you wish to grant the control, and then in Task to Delegate select the "Create a custom task to delegate" option.

* In the next page select "Only the following objects in the folder" and then from the below options select "Contact Objects"

* Then select "Create selected objects in this folder" and "Delete selected objects in this folder"  as per your requirement whether you want to grant permission to crerate or delete the contacts.

* Then in the Permissions page select what all rights you want to grant on that object, that is of the Contact object what all properties you would like that user to write or read and grant the permissions accordingly (properties as such as fiing the Description or any other attribute of the contact)

* Finally say finish and you have the delegate ready

Good Luck (^_^)

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
How to effectively resolve the number one email related issue received by helpdesks.
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question