{"id":1079,"date":"2011-06-21T13:46:12","date_gmt":"2011-06-21T05:46:12","guid":{"rendered":"http:\/\/www.sharepointboost.com\/blog\/?p=1079"},"modified":"2023-07-31T11:40:58","modified_gmt":"2023-07-31T03:40:58","slug":"sharepoint-ad-administration-delegating-authority-to-selected-users","status":"publish","type":"post","link":"https:\/\/www.boostsolutions.com\/blog\/sharepoint-ad-administration-delegating-authority-to-selected-users\/","title":{"rendered":"Sharepoint AD Administration, delegating authority  to selected users"},"content":{"rendered":"<p>Decrease workload by delegating tasks evenly to responsible managers.<strong> <a href=\"..\/..\/ad-administration.html\" target=\"_blank\" rel=\"noopener noreferrer\">Sharepoint AD Administration<\/a><\/strong> provides system administrator authority but with limited abilities to <strong>create, edit, rename, <\/strong>and\/or<strong> delete <\/strong>OUs  and AD properties. Assigned individuals also have the capability to  reset passwords, create and manage users and groups, and edit AD  progiles from within a predefined OU.<\/p>\n<p>Most companies have a  password policy, and it is usually scheduled every 60 days for password  change. The new password change should be different, not to mention the  complexity it requires.<\/p>\n<p>Usual password change flow looks like this, in 4 steps:<\/p>\n<p><a rel=\"attachment wp-att-283\" href=\"http:\/\/www.BoostSolutions.com\/blog\/sharepoint-ad-administration-delegating-authority-to-selected-users\/attachment\/4\/\"><img decoding=\"async\" loading=\"lazy\" title=\"password permission 1\" src=\"http:\/\/BoostSolutions.files.wordpress.com\/2011\/04\/password-permission-1.png\" alt=\"\" width=\"630\" height=\"161\" \/><\/a><\/p>\n<p>And  on some times, some employees forget the current password as even 60  days sounds like a long time, in fact it&#8217;s quite often for a password  change. So on some instances, password change would be in a rush that  they actually forget which password is used for the change.<\/p>\n<p>With<strong> Sharepoint AD Administration: <\/strong><\/p>\n<ul>\n<li>Managers can delegate the right to reset the password to IT Help Desk team.<\/li>\n<li>If a user forgets his password, IT Help Desk will be able to support and reset password without manager&#8217;s intervention<\/li>\n<\/ul>\n<p>Lastly, this saves time without frustrating waiting from IT or managers processing password reset requests.<\/p>\n<table cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<th width=\"60%\">Feature List<\/th>\n<th width=\"21%\">AD Administration<\/th>\n<th width=\"19%\">SharePoint<\/th>\n<\/tr>\n<tr>\n<td>Allows administrator to permit any users the ability to change other&#8217;s AD properties<\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/yes.gif\" alt=\"\" \/><\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/no.gif\" alt=\"\" \/><\/td>\n<\/tr>\n<tr>\n<td>Administrator can grant any users with authoritative power to manage organizational units, users and groups in AD<\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/yes.gif\" alt=\"\" \/><\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/no.gif\" alt=\"\" \/><\/td>\n<\/tr>\n<tr>\n<td>With the permission of the administrator, users can e-mail other users or groups directly from within AD admin web part<\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/yes.gif\" alt=\"\" \/><\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/no.gif\" alt=\"\" \/><\/td>\n<\/tr>\n<tr>\n<td>Administrator can decide which properties to restrict from certain users<\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/yes.gif\" alt=\"\" \/><\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/no.gif\" alt=\"\" \/><\/td>\n<\/tr>\n<tr>\n<td>Administrator can decide delegation scope and permission for each user<\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/yes.gif\" alt=\"\" \/><\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/no.gif\" alt=\"\" \/><\/td>\n<\/tr>\n<tr>\n<td>Display users, groups and sites in an alphabetical view, sites view, or AD organization view<\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/yes.gif\" alt=\"\" \/><\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/no.gif\" alt=\"\" \/><\/td>\n<\/tr>\n<tr>\n<td>Records each operation in a log file<\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/yes.gif\" alt=\"\" \/><\/td>\n<td align=\"center\"><img decoding=\"async\" src=\"..\/..\/images\/no.gif\" alt=\"\" \/><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p>To know more about Sharepoint AD Administration, please check out <a href=\"..\/..\/ad-administration.html\" target=\"_blank\" rel=\"noopener noreferrer\">Sharepointboost<\/a>.<\/p>\n<p>Questions, comments, suggestions? Email us: sales@BoostSolutions.com<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Decrease workload by delegating tasks evenly to responsible managers. Sharepoint AD Administration provides system administrator authority but with limited abilities to create, edit, rename, and\/or delete OUs and AD properties. Assigned individuals also have the capability to reset passwords, create and manage users and groups, and edit AD progiles from within a predefined OU. Most [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[347],"tags":[486,12,21,20,27],"_links":{"self":[{"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/posts\/1079"}],"collection":[{"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/comments?post=1079"}],"version-history":[{"count":14,"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/posts\/1079\/revisions"}],"predecessor-version":[{"id":9317,"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/posts\/1079\/revisions\/9317"}],"wp:attachment":[{"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/media?parent=1079"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/categories?post=1079"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.boostsolutions.com\/blog\/wp-json\/wp\/v2\/tags?post=1079"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}