• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 211
  • Last Modified:

AD User rights restricted to a particular object

Hi, we have a job that effectivley does some gal syncing (all power shell) over air gap

It runs under a particular user, I would like for this user to have as fewer rights as needed. But been so long that I have done any administration.

How / where can I alter rights so for example it can only deal with.  Address list, all users/London
All users/ leeds.

Powershell makes use of ad and exchange cmdlets.

Windows 2003.  Ps1.  Exchange 2007 sp 2
0
mhamer
Asked:
mhamer
1 Solution
 
PietMuisCommented:
You can restrict/allow what a user can or see/query within AD by using the Delegation Wizard. You can access the Delegation Wizard easily by right-clicking on an OU, and the selecting Delegation Control. You als may want to take a look at these articles:
http://support.microsoft.com/kb/235531
http://technet.microsoft.com/en-us/library/cc773317(WS.10).aspx
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now