Avatar of ChicagoMikeW
ChicagoMikeW
 asked on

CACL's which do I use for individual field

I am in an AD Windows 2008 R2 environment with a large number of sites. Each site has an administrator who has delegated rights to their individual OU (Each OU had administrative access delegated to a group and the group contains the individual administrators for the site). I am attempting to restrict the access to “email” field on the general tab of user accounts. I need the OU administrator to be able to manage all other field of existing users and to be able to create new users? Can anyone tell me the correct CACLs command to make this change? And if possible how to apply it via script?

Thank you!
Microsoft Legacy OSActive DirectoryWindows Server 2008

Avatar of undefined
Last Comment
btan

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
btan

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes