Problem solve
Get help with specific problems with your technologies, process and projects.
How can I remove 'delete a user account' permissions from an account operator?
Free PDF: Your Essential Guide to Unified Endpoint Management
Download this 44-page guide to learn everything you need to know about UEM.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
How can I remove the permissions to
delete a user account from the account operator in Windows 2000?
There are two ways to approach this problem.
- To allow account operators to do everything to manage accounts except delete user accounts, you can deny account operators the "Delete all child objects" permission on the users container in Active Directory users and computers. If all user accounts do not reside in this container, you will have to make the same change to all user account containing organizational units (OUs).
- The second option is to create a custom security group and only give it the permissions over user accounts that you desire. After creating the group, use the delegation of control wizard. When you are done, add members to this group that you wish. Delegation of administrative authority to security groups may be of help.
This was last published in March 2003
Dig Deeper on User passwords and network permissions
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.
Meet all of our Enterprise Desktop experts
Start the conversation
0 comments