Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Delegating permissions on OU

Posted on 2014-12-01
5
Medium Priority
?
19 Views
Last Modified: 2016-04-15
Hi,

I have assigned reset permissions to a group using the delegate wizard and created a custom tool using the mmc snap in for the users to reset passwords on the OU to which they have permissions.  The AD is at 2003 level and I know the tool works as I can access the OU using the tool as a domain admin.

However, when people in that group try to access the OU which I have delegated control to using the same tool, they cannot access it?
0
Comment
Question by:Nick_D
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:A Karelin
ID: 40475244
What do you meen "cannot access"?
Do they have read permission for the OU?
0
 
LVL 10

Expert Comment

by:Walter Padrón
ID: 40476706
0
 
LVL 2

Author Comment

by:Nick_D
ID: 40486961
Hi Walter

This is exactly what I have done.  Created a reset password tool from a new taskpad view and delegated control of the OU to a new security group which this person is a member of.  However, when they try to open the tool they get an error that the MMC cannot build the snap-in.  When I try it using my credentials it works fine so it must be a permission error.
0
 
LVL 10

Accepted Solution

by:
Walter Padrón earned 2000 total points
ID: 40487236
It could be a problem with the MMC itself or the .Net framework.

Try to run MMC with "Run as administrator" option and also check the Application event log for errors.
0
 
LVL 2

Author Comment

by:Nick_D
ID: 40564339
Sorry for the delay getting back to you, been out of the country.  Running as administrator still present the same issue?
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

661 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question