Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Special Desktop Tech rights in active dir., need to change ability to force password change.

Posted on 2011-09-27
2
Medium Priority
?
243 Views
Last Modified: 2012-05-12
Greetings,

I am a new employee in an IT department. Not new to IT, just this company.
I was given an assignement to fix or edit a security group policy.
The name of the policy is:  PasswordChange.
This was created so the desktop techs can reset domain passwords.
the problem, in the pop-up window to reset a password, there is the small check box to force the user to reset change their password at next login.
This is greyed out for these tech users. *See attached pic*

I need to find out how to enable this function for these guys.

Thanks in advance.

 PassChange
0
Comment
Question by:Hystorm
2 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36712388
That is usually not done through a group policy.  That is done using the delegation control wizard or the ACLs in AD.  See screenshot.

Thanks

Mike
DelegateControlPW.jpg
0
 

Author Closing Comment

by:Hystorm
ID: 36712650
Whoohoo...
You Da Man!

Worked perfectly!

Thanks much!
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While Plesk offers many potential benefits to website administrators, including compatibility with Windows Server and other leading technologies, the company has also been working to differentiate it from other control panels for content management…
When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question