AD Permissions Problem

In our AD, my Help Desk personal have the ability to reset and change user
passwords. I have created users in their own groups, ex. finance, credit etc.
The problem I have is that often the help desk staff cannot unlock a user
and I'm struggling to figure out why. What I mean is in credit for example,
they will be able to reset all the user passwords, except one or two which is
greyed out. I create all the users exactly the same way, and cannot figure
out why one or two would be different. I've checked the user object
permissions, but cannot see a diffirence?

Johan
.

Relevant Pages

  • Re: Help Desk password reset tools
    ... If you don't want the help desk to use the ADUC snapin to reset passwords, ... then you will need to give them access to shell commands "net user" "dsmod" ...
    (microsoft.public.win2000.active_directory)
  • RE: Single sign on
    ... How to authentificate an user via telephon? ... > Avatier has a product which would allow users to reset their own passwords ... >> for the person whose account is reset. ... >> would only be accessible by the person whose account is reset. ...
    (Security-Basics)
  • Re: Hacked
    ... *consider, having every user reset his/her passwords, and reset all service accounts. ... I've done a full scan and the server is clean. ...
    (microsoft.public.security)
  • Re: Hacked
    ... *consider, having every user reset his/her passwords, and reset all service accounts. ... I've done a full scan and the server is clean. ...
    (microsoft.public.security)
  • Re: Hacked
    ... *consider, having every user reset his/her passwords, and reset all service accounts. ... I've done a full scan and the server is clean. ...
    (microsoft.public.security)