HOW TO delegate user to modify fax number & telephone number attributes in AD
Most of the organizations delegates more permissions to users then required for his given job responsibility or task. You may see a very junior administrator or 10+ users in the enterprise/domain admins group. This is a serious security threat & adding an inexperienced administrator in the enterprise/domain administrators groups could be disastrous. Permission control should be treated as an initial step towards a healthier and optimized Active Directory and always remember to grant the right permission for the right person or task Below snapshots highlighting attributes ‘Fax number’ & ‘telephone number’ on which we will delegate a user to modify in active directory user properties for a given domain. Note: Delegation inheritance is per user based and is enabled by default; please verify this setting in case of issues. Firstly, is the permission for all the domain or specific OU? If it is for all users in the domain, right click on the root or on the OU and Select “delegate control “
Click NEXT
—————————————————————————–
Select User and Domain
—————————————————————————–
Select radio button Custom Task and click NEXT
———————————————–
In the only following objects Select User objects
———————————————–
Select Read fax Number & Write Fax Number
———————————————–
Select Read Telephone Number & Write Telephone Number
———————————————–
Click Finish
———————————————–
Last 5 posts by Jalal Khan
- Active Directory 2003 Time synchronization - Quick Notes - October 12th, 2008
- Using Fiber to Copper Voice Transceivers in RightFax 9.0 - October 9th, 2008
- HOW TO disable USB drives via group policy - October 8th, 2008
- HOW TO broadcast fax in RightFax using mail merge - October 7th, 2008
- HOW TO schedule FTP file transfer - October 6th, 2008
Comments
Leave a Reply
-
Archives
-
Meta