G
Gordon Fecyk
After following the steps in this KB and in KB 279723 (how to grant
help-desk access to unlock), The "account locked" switch is still greyed out
when an account is locked and I'm viewing the lock from an account that's
supposed to have this right.
I've hacked dssec.dat on one workstation and on the DC with all the FSMO
roles (including PDC emulator) so that lockoutTime is visible when I try to
delegate control or view permissions on this right. I can use ADSI Edit to
confirm that the groups I've assigned these rights have had them assigned.
Yet "Account Locked" is still unavailable.
I've granted the right to a global group and added users to said group.
I've granted the right to objects within the domain (as opposed to the Users
OU) - isn't it suppose to propagate down to the Users OU?
help-desk access to unlock), The "account locked" switch is still greyed out
when an account is locked and I'm viewing the lock from an account that's
supposed to have this right.
I've hacked dssec.dat on one workstation and on the DC with all the FSMO
roles (including PDC emulator) so that lockoutTime is visible when I try to
delegate control or view permissions on this right. I can use ADSI Edit to
confirm that the groups I've assigned these rights have had them assigned.
Yet "Account Locked" is still unavailable.
I've granted the right to a global group and added users to said group.
I've granted the right to objects within the domain (as opposed to the Users
OU) - isn't it suppose to propagate down to the Users OU?