Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Give HR Employees Access to Edit Active Directory Info

Posted on 2011-02-25
2
2,307 Views
Last Modified: 2012-06-21
What is the best method to give our HR employees access to edit some minor Active Directory information in our AD 2003 Environment? We would primarily like them to edit the Organization tab to update our organizational structures.

Also - once access is granted, what is the best tools/utilities to load on their computers so that they may edit AD info?

Thank you -
0
Comment
Question by:RavenInd
2 Comments
 
LVL 12

Assisted Solution

by:Navdeep
Navdeep earned 200 total points
ID: 34983992
Hi,

You can create a security group and then use "Delegate Control" to give required level of control to modify and update Organization Tab Attribute.

Users can use Adminpack, or just the directory services users and computers snapin to update the changes.
0
 
LVL 35

Accepted Solution

by:
Joseph Daly earned 300 total points
ID: 34994067
I would also agree with v-2nas that delegation of permissions is the way to go.

Give this a quick read through for the basics. If you have any specific questions post back.
http://www.windowsecurity.com/articles/Implementing-Active-Directory-Delegation-Administration.html

As far as what tool to manage the users the HR employees will be using the acitve directory users and computers snap in to modify the accounts. However depending on how you have your OU structure configured you may be able to go even one step further and create a custom MMC for them.

This custom MMC can be useful if all of your user accounts are in the same OU. You can set this MMC to only open to that location and they will not be able to even browse the other OUs.

http://www.petri.co.il/create_taskpads_for_ad_operations.htm

A little more info on the custom MMC
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question