- Open the Active Directory Users and Computers console.
- Right-click the All Users OU and choose Delegate Control, as shown in Figure 1. Click the Next button to advance past the wizard's welcome page.
- On the wizard's Users or Groups page, click the Add button.
- In the Select Users, Computers, or Groups dialog box, enter the group's name (Password Reset), click the Check Names button to make sure the group's name is correct, and click OK, as shown in Figure 2.
- After making sure the group's name is listed on the Users or Groups page, click Next, as shown in Figure 3.
- On the Tasks to Delegate page, select Reset user passwords and force password change at next logon and click Next, as shown in Figure 4.
- Verify the information in the final page of the wizard and click Finish.
When you click the Finish button, the Delegation of Control Wizard adds the requested permissions to the All Users OU. You can view the effects of the delegation by right-clicking the All Users OU, choosing Properties, and selecting the Security tab. (If the Security tab isn't visible, enable the Advanced Features option on the View menu of the Active Directory Users and Computers console.) For a detailed view, you can click the Advanced button. Figure 5 shows the Advanced Security Settings dialog box that appears.
No comments:
Post a Comment