Tag Archives: Active Directory Domain Services

Delegating the minimum set of permissions for mailbox-enabled user and linked mailbox provisioning

In my previous post I described the minimum set of permissions required by the ADMA account to provision an AD DS user object.  In this post I’d like to expand on that and provide the minimum set of permissions required … Continue reading

Posted in Active Directory, FIM, FIM 2010, FIM 2010 R2 | Tagged , , , , , , , , , , , , , , , , , , , | 2 Comments

Resetting an AD DS password and honouring password history and age using the LDAP_SERVER_POLICY_HINTS control

I recently had to do some frantic experimenting around the area of password reset. I was working with a customer on a convoluted solution that necessitated a password synchronisation operation from the DMZ into a production network without a trust. … Continue reading

Posted in Active Directory, Programming | Tagged , , , , , , , , | 6 Comments