.
If you don't have access to it, I can send you the PPT slides offline (and
will make you forward it to anyone else who asks ;-)
/Guido
-Original Message-
From: Thommes, Michael M. [mailto:[EMAIL PROTECTED]
Sent: Mittwoch, 8. Oktober 2003 17:10
To: [EMAIL PROTECTED]
Subject: RE: [Act
e upcoming whitepaper.
If you don't have access to it, I can send you the PPT slides offline (and
will make you forward it to anyone else who asks ;-)
/Guido
-Original Message-
From: Thommes, Michael M. [mailto:[EMAIL PROTECTED]
Sent: Mittwoch, 8. Oktober 2003 17:10
To: [EMAIL PROTECTED]
TED]
Sent: Wednesday, October 08, 2003 12:11 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OU Delegation question
Hi Michael,
The reason the OU Admin can still delete the user object is because of
the Full Control ACE you added. When deleting an object, the operating
system first looks at
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OU Delegation question
Hi Michael,
The reason the OU Admin can still delete the user object is because of the
Full Control ACE you added. When deleting an object, the operating system
first looks at the object itself to see the caller has the Delete
perm
are are neither given nor endorsed by it.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Wednesday, October 08, 2003 11:10 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OU Delegation question
Hi Al (and Joe),
Thanks for the
dnesday, October 08, 2003 9:52 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] OU Delegation question
Just so we have it straight, once you set the deny permission, they're still
able to delete an account but not create one? Is that about it?
Is that the last of what you need to acco
esday, October 07, 2003 3:51 PM
To: Active Directory Mailing List (E-mail)
Subject: [ActiveDir] OU Delegation question
Hi All:
At least around here, Robbie's "Tuna book" has yet to hit the shelves.
And Microsoft's whitepaper on delegation is still a month away. Other
refere
You don't want to go this way, they can sidestep your delegation by
rewriting permissions on the objects, that is part of the FC part of it...
Additionally if someone has FC for OU's/Containers they can set up new
OU/Containers and make any perms they want under those.
You should figure out exact
Hi All:
At least around here, Robbie's "Tuna book" has yet to hit the shelves. And
Microsoft's whitepaper on delegation is still a month away. Other references on
delegation appear scant at best. So here's the problem that I have been tearing my
hair out on (and I didn't have much to sta
