Shortcut to Active Directory Users and Computers - Limit view to own OU

What the command line option is to create a shortcut to ADUC, so the a particular OU only has only have visibility to their OU? We do not want them to see other non OU User objects, when they access the ADUC via this shortcut.

What permissions do they need to be provided at the User OU level, so they can only "reset" and unlock" their users at the OU level. We don’t want them to be able to rename or delete objects.
JonBSSAsked:
Who is Participating?
 
Mike KlineCommented:
You can create a taskpad view for them   http://social.technet.microsoft.com/wiki/contents/articles/2816.how-to-create-custom-mmc-and-add-taskpad.aspx

I actually wish this feature would be improved.

In the delegation control wizard or ACL on the OU you can get granular on permissions.  

There is the  "reset user passwords and force password change at next logo" using the delegation control wizard

Thanks

Mike
0
 
JonBSSAuthor Commented:
Thanks Mike, I've created the Task View, how do I create a shortcut to it?

Edit: Never mind.. I was over thinking it

Right Click > New Window From here > Save the MMC with the Task view created in a new window
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.