Solved

giving access to active directory to a manager

Posted on 2014-10-27
6
49 Views
Last Modified: 2015-04-09
Hi,

I want to give access to a manager to our active directory .... to only one group of users... so that he can unlock the accounts when they get locked out.

is there any plugin or software i can use for this purpose.

the manager is at our remote site location. Our environment is Windows server 2008 and Exchange Server 2010.

Thanks
0
Comment
Question by:o0JoeCool0o
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 28

Expert Comment

by:Dan McFadden
ID: 40406466
Here is link that describes "Delegating Control" of objects in AD.

Link:  http://support.microsoft.com/kb/294952

The article says to right-click on the domain, but you can also delegate down at the OU level.  So if all you users are under a specific OU, I would do this from there.  This way the person or group can only unlock accounts the are children of the location.  The delegate control wizard will walk you thru assigning the permission(s) you want to give out.

Dan
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40406468
No plugin or software needed, you can do this via ADSI Edit. See here for the steps: http://support2.microsoft.com/default.aspx?scid=kb;EN-US;279723
0
 
LVL 4

Author Comment

by:o0JoeCool0o
ID: 40406471
is there any app so that the manager can use on his phone to unlock accounts?
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 28

Accepted Solution

by:
Dan McFadden earned 500 total points
ID: 40406474
None that I know of.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 40406490
AD HelpDesk Lite by IMPLBits.com for IOS devices
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40410608
yep Neil is right, I used AD Helpdesk for a long time. You do need a VPN connection or have wireless access to the lan when on site.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
how to add IIS SMTP to handle application/Scanner relays into office 365.

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question