Yep, you need to delegate WP to the member attribute.
I seem to recall the wizard doing something with the special permission
add/remove self as member but it seems misleading as that permission allows
the person who has it to modify the membership in its entirely, it is not a
validated permission to only allow you to add/remove yourself.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Creamer, Mark
Sent: Tuesday, February 22, 2005 12:50 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] delegating group management
Hi guys, I'm fairly sure I can do this. But thanks to recent security
changes, I can no longer just fire up the delegation of authority wizard to
make sure...can I grant the ability to manage membership of groups to a
given group of user admins, without giving them the ability to change other
attributes of the users themselves? I'm thinking the best way to do this is
to place all the groups in an OU, and run the wizard to apply just the
necessary permissions on those groups in the OU.
Mark Creamer
Systems Engineer
Cintas Corporation
The Service Professionals
This e-mail transmission contains information that is intended to be
confidential and privileged. If you receive this e-mail and you are not a
named addressee you are hereby notified that you are not authorized to read,
print, retain, copy or disseminate this communication without the consent of
the sender and that doing so is prohibited and may be unlawful. Please
reply to the message immediately by informing the sender that the message
was misdirected. After replying, please delete and otherwise erase it and
any attachments from your computer system. Your assistance in correcting
this error is appreciated. Thank you. Cintas Corporation.
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/