maxworx
asked on
Password reset for an user or moving him not possible for some AD administrators
Hi there,
we have a problem with our Active Directory administrators. Some of them are not able to reset a password for some users or move them to another OU. They are NOT domain admins. Do you know some best practices for setting rights for such administrators? They primarily have to manage user accounts (add/delete users, move them...), add user-groups and add computers to the domain. Another admin is responsible for managing the OUs and another one for managing the group policies.
Are their issues with owner of an user, e.g. if a domain admin has created it a "normal" admin can not manage it completely?
Some tips would be gread!
Regards, Ralph
we have a problem with our Active Directory administrators. Some of them are not able to reset a password for some users or move them to another OU. They are NOT domain admins. Do you know some best practices for setting rights for such administrators? They primarily have to manage user accounts (add/delete users, move them...), add user-groups and add computers to the domain. Another admin is responsible for managing the OUs and another one for managing the group policies.
Are their issues with owner of an user, e.g. if a domain admin has created it a "normal" admin can not manage it completely?
Some tips would be gread!
Regards, Ralph
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.