Delegate Password Reset Permission

zero comment
Active Directory General
Reset User Password and Force Change At Next Login

The steps involved to set delegation for a AD user or group to reset account password permission.

Step 1: Open Active Directory Users and Computers. Right click on the domain and choose Delegate Control

Step 2:  In the Delegation of Control Wizard, click Next

Step 3: In Users or Groups window, select the user or group to whom you want to delegate control

Step 4:In Tasks to Delegate,

  • Choose ‘Delegate the following common tasks
  • Select ‘Reset user passwords and force password change at next logon
  • Click Next and Finish

Reset User Password and Force Change At Next Login

 

Optionally, if you need to provide account unlock permission, then

  1. Right click on the user or group to be granted permission, and select Properties
  2. Select Security tab and click Advanced
  3. Click Add
  4. Choose Select a principal and enter the user or group that needs to be granted reset permission
  5. Click Ok
  6. In the Applies to field, select Descendant User Object
  7. Scroll down and enable, Read lockout Time and Write lockout Time
  8. Click Ok

HostGator $2.75 per month
HostGator
24/7/365 Technical Support, Free Site Building Tools, 4500 Website Templates, Free Shopping Cart Software, Ideal for WordPress, 45 Day Money Back Guarantee
Go to the deal

delegate password reset

Administrator

Related Articles

Resolved – PUTTY key format too low
Read More
Install SSL Certificate on Jasper Report Server
Read More
Delegate_Move_OU_Write_Permission
Delegate Move Computer Objects from one OU to another
Read More