Nick_D
asked on
Delegating permissions on OU
Hi,
I have assigned reset permissions to a group using the delegate wizard and created a custom tool using the mmc snap in for the users to reset passwords on the OU to which they have permissions. The AD is at 2003 level and I know the tool works as I can access the OU using the tool as a domain admin.
However, when people in that group try to access the OU which I have delegated control to using the same tool, they cannot access it?
I have assigned reset permissions to a group using the delegate wizard and created a custom tool using the mmc snap in for the users to reset passwords on the OU to which they have permissions. The AD is at 2003 level and I know the tool works as I can access the OU using the tool as a domain admin.
However, when people in that group try to access the OU which I have delegated control to using the same tool, they cannot access it?
This thread is on the topic
https://www.experts-exchange.com/questions/28086243/need-to-give-administrator-password-reset-capabilities-but-not-make-him-a-domain-admin.html
Best regards
https://www.experts-exchange.com/questions/28086243/need-to-give-administrator-password-reset-capabilities-but-not-make-him-a-domain-admin.html
Best regards
ASKER
Hi Walter
This is exactly what I have done. Created a reset password tool from a new taskpad view and delegated control of the OU to a new security group which this person is a member of. However, when they try to open the tool they get an error that the MMC cannot build the snap-in. When I try it using my credentials it works fine so it must be a permission error.
This is exactly what I have done. Created a reset password tool from a new taskpad view and delegated control of the OU to a new security group which this person is a member of. However, when they try to open the tool they get an error that the MMC cannot build the snap-in. When I try it using my credentials it works fine so it must be a permission error.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry for the delay getting back to you, been out of the country. Running as administrator still present the same issue?
Do they have read permission for the OU?