You will need to modify dssec.dat to expose the property. http://www.activedir.org/article.aspx?aid=24#11
Tony ---------- Original Message ---------------------------------- From: "WATSON, BEN" <[EMAIL PROTECTED]> Reply-To: ActiveDir@mail.activedir.org Date: Thu, 30 Nov 2006 09:34:39 -0800 I'm attempting to delegate out the permissions to adjust the Remote Access Permissions under the Dial-In tab in Active Directory for user accounts. When performing an LDAP query, I notice that changes to this setting are recorded in the msNPAllowDialin attribute. Set to False when Deny Access is set, True when Allow Access is set, and "not set" when Control Access through Remote Access Policy is set. However when I attempt to delegate out the rights to a security group so they can modify this, it is not listed as a selectable property. Am I missing something here? Should I be looking for a different property to delegate out this right? Thanks, ~Ben Watson ________________________________________________________________ Sent via the WebMail system at mail.activedir.org List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/