<div>
Hmmm... makes sense, but I do not see one for &quot;Last Name&quot; for example. Does that mean I just need to use something like &quot;read Name&quot; and &quot;write Name&quot; in order to have Last Name included in delegation? Seems like the granularity for this is hit or miss.
</div>


Hmmm... makes sense, but I do not see one for "Last Name" for example. Does that mean I just need to use something like "read Name" and "write Name" in order to have Last Name included in delegation? Seems like the granularity for this is hit or miss.

<div>
Yeah just looked odd last name or sn is not there. &nbsp;You might need to use name.<br />
<br />
Thanks<br />
<br />
Mike
</div>


Yeah just looked odd last name or sn is not there.  You might need to use name.

Thanks

Mike

<div>
<div class="content wysiwyg-content">
Hi Experts,<br />
<br />
At my organization, I am trying to allow my HR team to be able to modify certain user account fields within ADUC. The fields are:<br />
<br />
First Name<br />
Last Name<br />
Display Name<br />
Description<br />
Office<br />
Job Title<br />
Department<br />
Company<br />
Manager (Being able to choose and assign managers to the user account in ADUC)<br />
<br />
Can anyone list each specefic permission required to allow a security group to modify the fields listed above? We will apply the perms using the delegation wizard on the OU which will hold all the user accounts we want HR to modify.
</div>
</div>


Hi Experts,

At my organization, I am trying to allow my HR team to be able to modify certain user account fields within ADUC. The fields are:

First Name
Last Name
Display Name
Description
Office
Job Title
Department
Company
Manager (Being able to choose and assign managers to the user account in ADUC)

Can anyone list each specefic permission required to allow a security group to modify the fields listed above? We will apply the perms using the delegation wizard on the OU which will hold all the user accounts we want HR to modify.

Issues with giving a security groups certain permissions to modify accont fields

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.