Solved

Deligate user to update their self information on AD such as phone number.

Posted on 2009-04-02
7
142 Views
Last Modified: 2012-05-06
I'd like let user to update their particular self user account information such as Phone informaton or Department Information. It seems that it is not allowed by default in AD. I know deligation wizard might help but I'm not sure if it can restrict the access to "self". I don't want user to change another peoples information. Also want to be flexible to permit/restrict updateable field.
0
Comment
Question by:kimakabane
  • 5
  • 2
7 Comments
 
LVL 7

Expert Comment

by:maze-uk
ID: 24049383
Best Practices for Delegating Active Directory Administration
http://www.microsoft.com/downloads/details.aspx?familyid=631747a3-79e1-48fa-9730-dae7c0a1d6d3&displaylang=en

In the appendice of this document, you'll find the exact rights necessary. I suppose the right should be given to 'SELF'
0
 

Author Comment

by:kimakabane
ID: 24050329
Thanks, but I hope to know step by step procedure with some example.
0
 
LVL 7

Expert Comment

by:maze-uk
ID: 24050871
on the GPO containing the users, right click on it, and select properties.
Go into security, advanced
Click Add...
type SELF, and click OK
(optional: if users name or account contain 'self', they will show here, so select the one with 'SELF' as RDN, and click OK)
in PERMISSIONS ENTRY FOR USERS: on the Properties Tab,
in Apply onto, select User Objects,
then select the permission/proipery you want to apply.
Once finished, click OK as menay times as necessary to close the windows...
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 7

Expert Comment

by:maze-uk
ID: 24050896
exemple of permissions you'll find:
'Write General Information', will allow the user to edit his email and phone number...
0
 
LVL 7

Expert Comment

by:maze-uk
ID: 24050910
though I can see there is a specific one for mail and phone too: 'Write Phone and Mail Option'...
0
 
LVL 7

Accepted Solution

by:
maze-uk earned 250 total points
ID: 24050938
I attach a screenshot:
advancedsecurity.jpg
0
 

Author Comment

by:kimakabane
ID: 24051112
Thanks! Very helpful.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now