OU's and delegated accounts

Microsoft Windows server 2008 standard -...
May 6, 2010 at 04:33:49
Specs: Windows 2003, XEON 4Gb
Hi there,

I have 2 queries/problems a taskpad from an OU which I have delegated control for. The delegation is fine, the user can do what they need to - reset passwords and move user accs from 1 OU to the other.

The first problem I have is when the user selects some user accounts and clicks the move command, it displays the full domain tree. Ideally I want it to only show OU's available below the current one. Any ideas?

The second I have which may not be doable, but would eliminate the first would be if we could have some way of selecting the users in the taskpad and then having a script to move the selected users to a specific OU? Can this be done in batch file?

Thanks in advance.

See More: OUs and delegated accounts

Report •

May 7, 2010 at 13:01:23
I could be wrong because I never messed with OU delegation before but my guess would be the user who is seeing all of the OUs is probably a member of the Administrator groups. You might want to double check his account.

Report •

May 9, 2010 at 20:22:08
AD is read only for all users ... you need no admin rights to view the tree. So no you can't hide the OUs they have no access to.

Report •
Related Solutions

Ask Question