Re: Allowing a user to reset passwords
- From: "Jorge de Almeida Pinto [MVP]" <SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx>
- Date: Thu, 11 May 2006 23:51:41 +0200
see:
http://blogs.dirteam.com/blogs/jorge/archive/2006/01/05/369.aspx
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx
-----------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
"Jim Dykes" <JimDykes@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F8C189A5-BAC1-4982-9EA7-03EEC5B2B505@xxxxxxxxxxxxxxxx
I want to create a group that has the ability to change passwords, reset
passwords, and unlock user accounts that have been locked out. The
Account
Operators group has these abilities, but members of that group can also
create and delete accounts and groups. I tried creating a group and
granting it the change password and reset password permissions for the OUs
containing our users. This allowed group members to do those 2 things, but
not unlock accounts. I also tried creating a group, denying it the
create/delete computer and user accounts permissions and placing it within
the Account Operators group. I had a group member test, but she was
unable
to unlock an account.
Any suggestions on a way to grant specific users only the ability to
unlock
user accounts and reset passwords in AD Users and Computers? Thanks in
advance for your help.
.
- Prev by Date: Re: AD Delegation Issue - Computer Objects
- Next by Date: Re: Migration?
- Previous by thread: Re: AD Delegation Issue - Computer Objects
- Next by thread: Re: Event ID 13 error every 8 hours?
- Index(es):
Relevant Pages
|
