Okay we have a user that is NOT a domain admin, or enterprise admin. We have an exchange setup in the parent domain, we want this user to create mailbox/accounts for all new hires.
The user is a member of a group that has delegated control to add user object in all child domains in the proper user OU. The groups is also a member of the Exchange Recipient Administrators group.
The user reside in the Parent domain and can add a mailbox/user object in the parent domain. But the user is unable to change the domain in the Exchange Console to add a user in a child domain. However, in ADUC they can change domains and create a user object.
I have looked through delegated control and I can't find what is missing.
Has anyone done this? Point me in the right direction?
I have searched high and low.
The user is a member of a group that has delegated control to add user object in all child domains in the proper user OU. The groups is also a member of the Exchange Recipient Administrators group.
The user reside in the Parent domain and can add a mailbox/user object in the parent domain. But the user is unable to change the domain in the Exchange Console to add a user in a child domain. However, in ADUC they can change domains and create a user object.
I have looked through delegated control and I can't find what is missing.
Has anyone done this? Point me in the right direction?
I have searched high and low.
