<div>
you need to select custom delegation task, then select &quot;user objects&quot; and then grant them &quot;read and write logon information&quot; on user objects
</div>


<div>
I granted/delegated access to &quot;write logon name&quot; to a group. Is there a way to check if a particular group has the ability to write &quot;userprincipalname&quot;.
</div>


<div>
yes<br />
<br />
Add required user to that group<br />
Then on which OU you have made delegation, on any user account in that OU try to change userprincipalname
</div>


<div>
I have granted access to the OU. The user is saying he still cannot. He logged off and logged on waited for replication, I want to see if I can generate some report confirming that this group has access to modify this attribute.
</div>


<div>
force ad replication<br />
then check effective permission of that ou where u assigned permissions
</div>


IT Professional

Albert Widjaja

<div>
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.<br />
<br />
I have recommended this question be closed as follows:<br />
<br />
Accept: Shaun Vermaak (<a href="https:#a42435707" rel="ugc">https:#a42435707</a>)<br />
<br />
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.<br />
<br />
exchangepro<br />
Experts-Exchange Cleanup Volunteer
</div>


<div>
<div class="content wysiwyg-content">
Hello experts,<br />
<br />
I want to delegate access (for a group) to an attribute called userprincipalname, but this attribute does not show in delegate wizard in ADUC. How would I delegate/grant access.<br />
<br />
Your assistance is appreciated.
</div>
</div>


Hello experts,

I want to delegate access (for a group) to an attribute called userprincipalname, but this attribute does not show in delegate wizard in ADUC. How would I delegate/grant access.

Your assistance is appreciated.

Active Directory: Delegate access

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Powershell

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.