Re: Specific permission to add new contacs
- From: "neo [mvp outlook]" <neo@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 9 Apr 2008 05:41:42 -0700
Our site went the route of creating a custom delegwiz.inf file that allowed
us to use delegate wizard to dish out the appropriate rights the group
should have on said OU. Here is a copy of our custom inf file. You would
be interested in template 240.
[Version]
signature="$CHICAGO$"
[DelegationTemplates]
Templates = template130,template140,template180,template210,template240
;----------------------------------------------------------
[template130]
AppliesToClasses=organizationalUnit
Description = "Create, delete, and manage user accounts"
ObjectTypes = SCOPE, user
[template130.SCOPE]
user=CC,DC
[template130.user]
CONTROLRIGHT= "Reset Password"
@=WP
;----------------------------------------------------------
;----------------------------------------------------------
[template140]
AppliesToClasses=organizationalUnit
Description = "Create, delete, and managed groups"
ObjectTypes = SCOPE, group
[template140.SCOPE]
group=CC,DC
[template140.group]
@=WP
;----------------------------------------------------------
;----------------------------------------------------------
[template180]
AppliesToClasses=organizationalUnit
Description = "Create, delete, and manage computer accounts"
ObjectTypes = SCOPE, computer
[template180.SCOPE]
computer=CC,DC
[template180.computer]
CONTROLRIGHT= "Reset Password"
@=WP
;----------------------------------------------------------
;----------------------------------------------------------
[template210]
AppliesToClasses=organizationalUnit
Description = "Create, delete, and manage an OU"
ObjectTypes = SCOPE, organizationalUnit
[template210.SCOPE]
organizationalUnit=CC,DC
[template210.organizationalUnit]
@=WP
;----------------------------------------------------------
;----------------------------------------------------------
[template240]
AppliesToClasses=organizationalUnit
Description = "Create, delete, and manage contacts"
ObjectTypes = SCOPE, contact
[template240.SCOPE]
contact=CC,DC
[template240.contact]
@=WP
;----------------------------------------------------------
"jonte@xxxxxxx" <jonasberthelsson@xxxxxxxxxxx> wrote in message
news:uEBwNbjmIHA.4292@xxxxxxxxxxxxxxxxxxxxxxx
I want a group of users to be able to add new contacts under a specific OU
but I can't find out how ? I don't want them to be able to create new users
and groups.
I'v tried to give them All permissions on object contact in that OU but
they are still not able to create new ones.
Can you help me out ?
Sincerely
\\Jonas B
.
- Follow-Ups:
- Re: Specific permission to add new contacs
- From: jonte@xxxxxxx
- Re: Specific permission to add new contacs
- From: jonte@xxxxxxx
- Re: Specific permission to add new contacs
- References:
- Specific permission to add new contacs
- From: jonte@xxxxxxx
- Specific permission to add new contacs
- Prev by Date: Re: domain access control for local user of domain computer?
- Next by Date: Windows 2003 Server SP2
- Previous by thread: Specific permission to add new contacs
- Next by thread: Re: Specific permission to add new contacs
- Index(es):
Relevant Pages
|
|
