Hi
We are currently delegating the access on for access control streamlining.
On a particular OU one group has been delegated with create\delete and manage groups and also modification of membership for the groups.
We tried many test cases, and all were successfulll but accept one. The tester is able to move the group to a particular OU (this is a problem) and not in any other OU (this is expected and correct).
I have evaluated the ACL on that particular destination OU. The tester does not has any access the destination OU.
Anbody with an idea on how to restrict this & if there is no ACL in place how are we going to analyse the access delegation from which this action is being peformed.
Regards Sushain KApoor