Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to make a permission setting on all accounts under an OU

Posted on 2013-05-31
4
Medium Priority
?
198 Views
Last Modified: 2013-11-13
I have a 2003 AD domain. We have all of our 6000 user accounts under 1 OU.

I need to enable "write personal information" on the "self" account under security tab fr all the users under the OU.

Is there a way to to this.

Also, I will also need to have any new account inherit this setting when added to the OU.

any thoughts
0
Comment
Question by:rdefino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 2000 total points
ID: 39210929
There is. See this article:

http://deployhappiness.com/find-out-what-computer-a-user-logged-into/

It shows how to do it for the managedby attribute.
0
 

Author Comment

by:rdefino
ID: 39211070
So I read through that and I'm not seeing how that will help me. That talking about computers accounts.

I'm dealing with users accounts.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 39211096
It is the same concept. You'll right click on your Users OU and select Properties - Security - Advanced.

Add SELF as the principal. Then select descendant user objects. Browse down to the write personal information box. Check Allow. Then OK several times.
0
 

Author Comment

by:rdefino
ID: 39216149
So I followed this and there is no "write personal Informartion" in the list under descendant user objects.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question