ActiveDirSec.Org

The world's most trusted forum on Active Directory Security


ActiveDirSec.Org -> Active Directory Administrative Delegation -> What permissions are required to be able to Reset a User Account's password in Active Directory?
Post Info TOPIC: What permissions are required to be able to Reset a User Account's password in Active Directory?
Jeremy


Member

Status: Offline
Posts: 5
Date: Jul 12, 2011
What permissions are required to be able to Reset a User Account's password in Active Directory?
 
 

Hello,

We are trying to do an internal audit to find out how any of our delegated admins can reset the passwords of our CFO's domain user account.

I believe that we can do so by figuring out who effectively has the Reset-Password extended right granted on the CFO's user account object, and so we were trying to determine resultant access on his object.

Unfortunately this process is taking us a long time, so before we invested precious time, I thought I would inquire as to whether there are any other security permissions that we should be taking into account, other than the Reset-Password extended right.

Thank you in advance for your input.

Jeremy.



__________________
Driod Rules!
Page 1 of 1  sorted by
Quick Reply

Please log in to post quick replies.
ActiveDirSec.Org -> Active Directory Administrative Delegation -> What permissions are required to be able to Reset a User Account's password in Active Directory?
Post to Facebook Post to Digg Post to Del.icio.us
Members Login
Username 
 
Password 
    Remember Me