Hi ppl,
I am aware of the information that administrators and certain builtin groups are allowed to manipulate objects via ADUC. I found from http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/442cc93b-ef45-410c-a775-e666ba88d48b that all users are allowed to "READ ONLY" access to ADUC. I have a user "test" for whom I hav delegated certain permissions. When I log into my domain controller with that user, I am prompted for administrator credentials. My "test" user is denied access to ADUC. I found out that RSAt/adminpak.msi could grant me access to AD objects but only in a "read only" manner. So what should I do if I want "test" to access ADUC and add/delete/modify objects in ADUC.
Anand Kumar D
This posting is provided "AS IS" with no warranties, and confers no rights.