RE: Delegation of control wizard question
- From: Ashish <Ashish@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 30 May 2007 01:34:01 -0700
You need to delegate a customize control to change user properties:
Delegating Control of Custom Tasks
The previous examples detailed varying levels of delegating control on
specific Active Directory containers. For the delegation of specific tasks,
predefined options were selected for delegation. The Delegation of Control
Wizard provides an additional level of granularity allowing for custom-built
tasks to be assigned to specific users or groups. In the following section,
the HRTeam will be assigned permissions to modify specific user attributes to
facilitate general employment operations.
To assign control for creating and deleting a user’s personal information in
Active Directory to the HRTeam
1.
In the left pane, right-click Divisions OU, and then click Delegate
control. The Delegation of Control wizard appears. Click Next.
2.
On the Users or Groups page, click Add, click Advanced, and then click Find
Now. Scroll to HRTeam, double-click HRTeam, and then click OK. Click Next to
continue.
3.
On the Tasks to Delegate page, click Create a custom task to delegate.
(This allows you to delegate control of the entire container.) Click Next.
4.
On the Active Directory Object Type screen, click Only the following
objects in the folder.
5.
Scroll down to the final entry and select the User Objects check box. At
the bottom of the Active Directory Object Type screen, select both Create /
Delete selected objects in this folder check boxes. Review your settings as
shown in Figure 6, and then click Next to continue.
Figure 6. Creating a Custom Delegation
6.
On the Permission page, ensure that General is selected (default). Scroll
down and select the Read and write personal information check box as shown in
Figure 7.
Note: Selecting the property-specific check box will provide an additional
level of detail at the attribute level. For example, if you only wanted the
HRTeam to be able to change a user’s street address, you would select that
particular attribute.
Figure 7. Creating a Custom Delegation, Assigning Specific Rights
7.
Click Next to continue.
8.
On the summary page, review the proposed settings, and then click Finish.
Hope this will help.
Regards,
Ashish
http://yashcare.blogspot.com
"Zack" wrote:
We are running Windows 2003 as our domain controllers. I'm using.
"Delegation of control wizard" to give our helpdesk the required permissions
to change users' smtp addresses in the properties of the user in Active
directory (Active Directory Users and Computers > Select User > Right Click
> Properties > Email Addresses > New..."
What object type should I choose to give that right?
- References:
- Delegation of control wizard question
- From: Zack
- Delegation of control wizard question
- Prev by Date: moving profile from workstation to server
- Next by Date: excel shortcuts
- Previous by thread: Delegation of control wizard question
- Next by thread: Windows 2003 Server repeatedly fails
- Index(es):
Relevant Pages
|
