Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Server 2012 permissions

Posted on 2014-03-22
2
Medium Priority
?
224 Views
Last Modified: 2014-03-24
Hi, we have a third party company which looks after our 2nd level support for our server, and naturally they have to have admin rights to perform this task. However, is it possible to set it up that they can't reset passwords for users?
0
Comment
Question by:maxkelpie
2 Comments
 
LVL 41

Assisted Solution

by:Kyle Abrahams
Kyle Abrahams earned 750 total points
ID: 39948244
You can create a local admin account or grant their domain account local admin priveleges on the box in question.  They'd be able to reset passwords for local users on that box but not domain users.
0
 
LVL 29

Accepted Solution

by:
becraig earned 750 total points
ID: 39948251
You can group them all in one OU and then delegate permission to only reset passwords on their own OU.

Open ADUC  right click on OU you created and click on delegate control
Then follow the delegation control wizard to delegate the required permission (in this case password reset)
Simply click the button only the following object and check the users in that OU, then once in the permissions screen check the required option change password, reset password etc.

The wizard should be pretty intuitive.
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Wind…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question