troubleshooting Question

PS script to unlock user accounts. And: is Delegation destructive?

Avatar of mike2401
mike2401Flag for United States of America asked on
PowershellActive Directory
7 Comments3 Solutions255 ViewsLast Modified:
I'm trying to delegate permission to a user to unlock locked accounts.

In Active Directory Users & Computers:  for the OU containing all the users,  I right-click  Delegate Control | pick the person | pick create a custom task to delegate | pick 'user objects | then Pick property-specific | then check "read lockout time" and "write lockout time".

QUESTIONS:
1.  Did this destroy previous permissions  and replace it with just read & write lockout time?
2.  When I run my powershell command, I get a red error: "Unlock-ADAccout: insufficient access rights to perform the operation"

I was following instructions at:
https://www.lepide.com/how-to/delegate-rights-to-unlock-account.html

Thanks for any thoughts,
Mike
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 3 Answers and 7 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 3 Answers and 7 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros