Re: OU Permissions
From: Jeff (anonymous_at_discussions.microsoft.com)
Date: 10/08/04
- Next message: Srinivas Acharya: "global catlog"
- Previous message: Srinivas Acharya: "Login process in windows 2000"
- In reply to: ptwilliams: "Re: OU Permissions"
- Next in thread: Joe Richards [MVP]: "Re: OU Permissions"
- Reply: Joe Richards [MVP]: "Re: OU Permissions"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 8 Oct 2004 04:57:00 -0700
Ok.. This still isnt working. Its telling me access
denied. Basically, its a VB app that allows you to enter
a username and passes this to a .bat file. The .bat file
executes a userinfo command that unlocks the account. I
have Domain Admin rights and tested the tool with no
problems at all so I know the tool itself works. When I
log on as the test user the tool launches and attempts to
execute the .bat file command which it does (I have echo
on and a pause to see what is happening). The next thing
it says is access denied. What else could it be?
>-----Original Message-----
>Yep, you'll either need to refresh the policy on the DC,
or wait - enough
>time has now probably elapsed so this will be OK.
>
>Bear in mind, that DCs apply policy every 5 mins, and
send replication
>notifications every 5 mins, so this shouldn't be a long
wait (intrasite
>anyway).
>
>However, if you created a new group, applied the
permissions to that group,
>and added the users to that group then each user will
need to logoff/logon
>to get their new and updated access token.
>
>
>--
>
>Paul Williams
>
>http://www.msresource.net
>http://forums.msresource.net
>______________________________________
>"Jeff" <anonymous@discussions.microsoft.com> wrote in
message
>news:1cb401c4acb0$4931f990$a401280a@phx.gbl...
>I actually found this after I posted but it didnt seem to
>work. Do I have to refresh the policy even though the
>policy is setup on the DC and the access is for the DC?
>
>>-----Original Message-----
>>Jeff wrote:
>>> We have a group that will be using a tool to unlock
>user
>>> accounts if needed. All the user accounts are located
>in
>>> various containers under a particular OU. I added the
>>> Group to access the OU but I am not sure what to check
>off
>>> so that they can basically only unlock a user account.
>>> Thanks.
>>>
>>Check this KB
>>http://support.microsoft.com/default.aspx?scid=kb;EN-
>US;q294952
>>
>>--
>>Tomasz Onyszko [MVP]
>>T.Onyszko@w2k.pl
>>http://www.w2k.pl
>>.
>>
>
>
>.
>
- Next message: Srinivas Acharya: "global catlog"
- Previous message: Srinivas Acharya: "Login process in windows 2000"
- In reply to: ptwilliams: "Re: OU Permissions"
- Next in thread: Joe Richards [MVP]: "Re: OU Permissions"
- Reply: Joe Richards [MVP]: "Re: OU Permissions"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
