Solved

Give Assistant Access To Update User Information In Active Directory

Posted on 2014-01-13
2
486 Views
Last Modified: 2014-01-14
Our company recently moved and we have multiple employees now spread across 'everywhere'. I want to give one of our administrative assistants access to AD to only be able to update user's addresses, phone numbers and department/company, etc. This is a user that should not have access to any other kind of functions in AD... I also would prefer that this person not actually log on to the server itself, if at all possible.

Is there any kind of third party tool that can connect to AD to do this?

Since it is data entry intensive, I want to dish this job out to an admin, asst.

Thanks EE community!
0
Comment
Question by:Paul Wagner
2 Comments
 
LVL 12

Accepted Solution

by:
SreRaj earned 500 total points
ID: 39778566
Hi,

You could delegate permissions to Administrative Assistants over an Organizational Unit. During delegation configuration, you can specify granular permissions like only updating basic attributes which should be assigned to users. After this is done, you could install Remote Server Administration Tools (RSAT) on AA's computers and instruct them to use consoles,  Active Directory Users & Computers or Active Directory Administrative Center to update user information.

Please refer following article for more information.

http://dani3lr.wordpress.com/2009/07/25/delegation-control-to-modify-only-certain-user-attributes-part-1/
0
 
LVL 4

Author Comment

by:Paul Wagner
ID: 39779554
Oh wow. You are a beast. That totally worked. I added permissions in the delegation for phone numbers, addresses, etc. but it definitely worked great. Thanks.
0

Featured Post

New! My Passport Wireless Pro Wi-Fi Mobile Storage

Portable wireless storage to offload, edit, and stream anywhere.

High-capacity, wireless mobile storage designed to accompany professional photographers and videographers in the field to easily offload, edit and stream captured photos and high-definition videos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every computer eventually fails. When that happens, your valuable data is only as safe as your current backup.
How important is it to take extra precautions to protect your online business? These are some steps you can take to make sure you're free of any cyber crime.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now