custom msc file allows browsing Domain
Posted on 2014-02-21
I'm using Windows Server 2008R2, domain level is native 2008R2. I have created a custom .msc file for one of my junior admins, and it works just fine. This console is designed to let them change/reset passwords for users in a specific OU. I authored the .msc, then saved it using "User mode - limited access, single window" Console mode, and I've also deselected the "Allow the user to customize views" option.
However, if the admin goes into the "view" settings, and selects View then Advanced Features, the console goes to the Console Root, and they are back at the top of my domain OU structure for Active Directory Users and Computers, at which point they can browse through the entire domain structure. I obviously don't want that.
It seems that something is not functioning properly - is there something I'm missing?
Thanks in advance,