Solved

Server 2012 permissions

Posted on 2014-03-22
2
220 Views
Last Modified: 2014-03-24
Hi, we have a third party company which looks after our 2nd level support for our server, and naturally they have to have admin rights to perform this task. However, is it possible to set it up that they can't reset passwords for users?
0
Comment
Question by:maxkelpie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 40

Assisted Solution

by:Kyle Abrahams
Kyle Abrahams earned 250 total points
ID: 39948244
You can create a local admin account or grant their domain account local admin priveleges on the box in question.  They'd be able to reset passwords for local users on that box but not domain users.
0
 
LVL 29

Accepted Solution

by:
becraig earned 250 total points
ID: 39948251
You can group them all in one OU and then delegate permission to only reset passwords on their own OU.

Open ADUC  right click on OU you created and click on delegate control
Then follow the delegation control wizard to delegate the required permission (in this case password reset)
Simply click the button only the following object and check the users in that OU, then once in the permissions screen check the required option change password, reset password etc.

The wizard should be pretty intuitive.
0

Featured Post

Ready to get started with anonymous questions?

It's easy! Check out this step-by-step guide for asking an anonymous question on Experts Exchange.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and ins…
The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Wind…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question