Rammy Charles
asked on
Active Directory Administrative Permissions for Users Within OUs
For a Windows 2008 functional level Active Directory, what bare minimum permissions are required to allow a user to be able to unlock other users in the same OU as that user?
Trying to test this out via PowerShell but would like to only give the user bare minimum rights.
Is there also a permission that can be added to allow the user to reset other user passwords (only within that same OU)?
Trying to test this out via PowerShell but would like to only give the user bare minimum rights.
Is there also a permission that can be added to allow the user to reset other user passwords (only within that same OU)?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
?
ASKER
The article states that it only needs Read lockoutTime and Write lockoutTime so do not want to add more permissions that required for that user.