I have a 2003 AD at a customers but am not there that often. I need to create a Security Group in the AD and give members of this group the ability to unlock other user's accounts and reset their passwords. Those are the only two things I want them to be able to do.
These specfic users are running XP Professional workstations and I have installed the 2003 Administrative Tools to their computers for they have access to the AD. I tried this long, long ago and had to give them Administrator rights to the Domain. I want to try again to give them just the unlock and reset password rights.