I am trying to grant limited permissions to some junior administrators in Lync 2013. I tasked them with creating some new common area phones for conference rooms. The policies for the phones have already been setup and I thought I delegated the proper active directory permissions to the OU where the lync contacts are created. They were able to create the common area phones but they cannot grant-csclientpolicy successfully. They receive the following error. I can run it with a user that is a domain admin but honestly I am not going to grant all of our IT staff domain admin rights to manage Lync phones. I haven't been able to find documentation explaining what permissions are required in active directory. Any suggestions would be helpful.