Thursday, December 12, 2024
Latest:
NETWORK ADMINISTRATIONSWindows server

Delegate Unlock user permission in Windows Server 2012 R2

Alice AUSTIN

Donate Us : paypal.me/MicrosoftLab

Delegate Unlock user permission in Windows Server 2012 R2

1. Prepare

– DC11 : Domain Controller(Yi.vn) | WIN101 : Client

2. Step by step : Allow HiepIT unlock users in HR OU

– DC11 : Configure allow HiepIT to remote to Domain Controller and unlock users in HR OU

+ Enable remote desktop

+ Click ‘File Explorer’ – Right-Click ‘This PC’ – Properties – Remote settings – Choose ‘Allow remote connections to this computer’ – OK

+ Server Manager – Tools – Active Directory Users and Computers – Yi.vn – Builtin OU :

+ Double-click “Remote Desktop Users” – Members tab – Add… : HiepIT

+ Double-click “Server Operators” – Members tab – Add… : HiepIT (or add to one of groups : Account Operators, Backup Operators, Print Operators)

+ Server Manager – Tools – Group Policy Management – Yi.vn – Right-Click ‘Default domain Plicy’ – Edit… – Computer Configuration – Polices

– Windows Settings – Security Settings – Local Polices – User Rights Assignment – Allow log on through Remote Desktop Services :

+ Tick “Define these policy settings”

+ Click “Add User or Group…” – Browse… : Administrators;HiepIT – OK

+ Start – cmd, type : gpupdate /force

+ Active Directory Users and Computers – Right-click HR OU – Delegate Control… :

+ Users or Groups : Add… : HiepIT – Tasks to Delegate : Choose ‘Create a custom task to delegate’

– Active Directory Object Type : Choose ‘Only the following objects in the folder:’ – Select ‘User objects’ – Permissions : Untick General, tick Property-specific

– In the list Permissions : Tick ‘Read lockoutTime’ + ‘Write lockoutTime’ – Finish

– WIN101 : Remote to DC11 use HiepIT, test unlock user for NamHR

+ Start – Server Manager – Tools – Active Directory Users and Computers – Yi.vn :

+ IT OU – Double-Click NamIT – Account tab === can not unlock user

+ HR OU – Double-Click NamHR – Account tab === unlock for user === OK

————————————————————******************** Youtube.com/c/MicrosoftLab ********************———————————————————-

source

windows server

Alice AUSTIN

Alice AUSTIN is studying Cisco Systems Engineering. He has passion with both hardware and software and writes articles and reviews for many IT websites.

You May Also Like

Windows Server 2008 remote printer

Alice AUSTIN

Demonstrating Windows Server 2016 Exploitation : Three Methods: TryHackMe OSCP Retro

Alice AUSTIN

1. Windows Server Administration Server – WSAS Intro

Alice AUSTIN

Leave a Reply

Your email address will not be published. Required fields are marked *