<div>
Thanks for the info , yeah I didn't think it was possible ..
</div>


Thanks for the info , yeah I didn't think it was possible ..

<div>
Note: it would be possible if you moved those currently disabled accounts to an OU below the OU you are granting disable+enable permissions on if you disabled inheritance of permissions. We don't need to use the delegation of control wizard but -&gt;properties -&gt;security will do it.<br />
<br />
Or what is your mission's objective? Grant rights to disable but keep the currently disabled ones from being enabled, no?
</div>


Note: it would be possible if you moved those currently disabled accounts to an OU below the OU you are granting disable+enable permissions on if you disabled inheritance of permissions. We don't need to use the delegation of control wizard but ->properties ->security will do it.

Or what is your mission's objective? Grant rights to disable but keep the currently disabled ones from being enabled, no?

<div>
<div class="content wysiwyg-content">
Hi EE<br />
<br />
Does anyone know if there is a way to grant an account the ability to disable other AD accounts but not be able to enable accounts ? <br />
<br />
I am in a 2003 domain functional level
</div>
</div>


Hi EE

Does anyone know if there is a way to grant an account the ability to disable other AD accounts but not be able to enable accounts ? 

I am in a 2003 domain functional level

Active Directory - Ability to disable an account but not enable

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Windows Server 2003

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.