I need to be able to delegate control to a user, on the Windows Server 2008 platform, to enable said group or person to manage users including permissions of Reset Passwors, Create User and, re-enable accounts.
I can only find articles pointing to AD Delegation Wizzard, old NT 4.0 stuff, or Linux items. We can not use AD in this case as it is forbidden and beyond all consideration.
PowerUsers is not going to cut it, that's going away. And "Account Operators" appears to have gone away too.. or is AD specific.