Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Delegating permissions on OU

Posted on 2014-12-01
5
Medium Priority
?
20 Views
Last Modified: 2016-04-15
Hi,

I have assigned reset permissions to a group using the delegate wizard and created a custom tool using the mmc snap in for the users to reset passwords on the OU to which they have permissions.  The AD is at 2003 level and I know the tool works as I can access the OU using the tool as a domain admin.

However, when people in that group try to access the OU which I have delegated control to using the same tool, they cannot access it?
0
Comment
Question by:Nick_D
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:A Karelin
ID: 40475244
What do you meen "cannot access"?
Do they have read permission for the OU?
0
 
LVL 10

Expert Comment

by:Walter Padrón
ID: 40476706
0
 
LVL 2

Author Comment

by:Nick_D
ID: 40486961
Hi Walter

This is exactly what I have done.  Created a reset password tool from a new taskpad view and delegated control of the OU to a new security group which this person is a member of.  However, when they try to open the tool they get an error that the MMC cannot build the snap-in.  When I try it using my credentials it works fine so it must be a permission error.
0
 
LVL 10

Accepted Solution

by:
Walter Padrón earned 2000 total points
ID: 40487236
It could be a problem with the MMC itself or the .Net framework.

Try to run MMC with "Run as administrator" option and also check the Application event log for errors.
0
 
LVL 2

Author Comment

by:Nick_D
ID: 40564339
Sorry for the delay getting back to you, been out of the country.  Running as administrator still present the same issue?
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question