?
Solved

Server 2012 permissions

Posted on 2014-03-22
2
Medium Priority
?
226 Views
Last Modified: 2014-03-24
Hi, we have a third party company which looks after our 2nd level support for our server, and naturally they have to have admin rights to perform this task. However, is it possible to set it up that they can't reset passwords for users?
0
Comment
Question by:maxkelpie
2 Comments
 
LVL 41

Assisted Solution

by:Kyle Abrahams
Kyle Abrahams earned 750 total points
ID: 39948244
You can create a local admin account or grant their domain account local admin priveleges on the box in question.  They'd be able to reset passwords for local users on that box but not domain users.
0
 
LVL 29

Accepted Solution

by:
becraig earned 750 total points
ID: 39948251
You can group them all in one OU and then delegate permission to only reset passwords on their own OU.

Open ADUC  right click on OU you created and click on delegate control
Then follow the delegation control wizard to delegate the required permission (in this case password reset)
Simply click the button only the following object and check the users in that OU, then once in the permissions screen check the required option change password, reset password etc.

The wizard should be pretty intuitive.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I was assigned the task of performing a hardware refresh in the datacenter. The previous Windows 2008 systems were connected to the SAN via fiber channel HBA’s and among other thing, had PowerPath installed in order to provide sufficient f…
What to do when Windows Update is not working correctly? What tools can I use to detect the cause of the malfunction problem? What does this numeric error code mean? These and other questions that you have been asking in the past are answered here (…
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Suggested Courses

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question