Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Special Desktop Tech rights in active dir., need to change ability to force password change.

Posted on 2011-09-27
2
234 Views
Last Modified: 2012-05-12
Greetings,

I am a new employee in an IT department. Not new to IT, just this company.
I was given an assignement to fix or edit a security group policy.
The name of the policy is:  PasswordChange.
This was created so the desktop techs can reset domain passwords.
the problem, in the pop-up window to reset a password, there is the small check box to force the user to reset change their password at next login.
This is greyed out for these tech users. *See attached pic*

I need to find out how to enable this function for these guys.

Thanks in advance.

 PassChange
0
Comment
Question by:Hystorm
2 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 125 total points
ID: 36712388
That is usually not done through a group policy.  That is done using the delegation control wizard or the ACLs in AD.  See screenshot.

Thanks

Mike
DelegateControlPW.jpg
0
 

Author Closing Comment

by:Hystorm
ID: 36712650
Whoohoo...
You Da Man!

Worked perfectly!

Thanks much!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Troubleshooting MDT 13 44
server crashed 2 48
VM sizing and performance consideration for Exchange Server 2013 ? 10 24
Cannot access RDP (AD 2012) 6 21
There's a better way to communicate time sensitive or critical info.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question