Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
Dmitry Shumov2016-09-27 16:59:34
Active Directory
Dmitry Shumov, 2016-09-27 16:59:34

Delegation of rights in AD, how?

Greetings!
There is a task to give rights to a group as a domain to admins, but without the ability to create or delete users. I do through delegation. On the permishin tab, I do this:
43cc20e1e8124775a4e2464eac9d82a0.png
i.e. I put Full Control, and then I remove the checkboxes from Create and Delete.
As a result, a member of this group can still create a user, but swears that there are not enough rights to set a password, and the user will be created "blocked". And so it happens. A member of the group also has the ability to delete a user.
What am I doing wrong? What rights should be given/taken away?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
D
Dmitry Shitskov, 2016-09-27
@Zarom

Check out this article https://habrahabr.ru/post/174437/
Starting with "Determining tasks for which delegation has been granted"

Similar questions
D
dranets132014-05-26 09:43:32
How to overcome error 2089 on domain controllers? 1Reply
E
Eugene2020-09-29 15:12:43
FreeNAS. Where did the files go after activating Active Directory? 1Reply
D
dema-rew2016-07-10 16:33:31
Are there any new features to bring J2EE applications and ADFS together? 1Reply
B
blackbeard2016-07-12 13:18:14
Automatic shutdown of workstations. Implementation methods? 2Reply
N
noname_shaman2016-07-13 11:39:49
How to find Word documents on the LAN by content? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question