"Managed By" question - Tech Support

"Managed By" question: Posted by Bent Christensen on March 3rd, 2004; Hi,

In Windows 2003 AD properties for groups, there is a "Managed By"-tab. Just
below that there is a checkbox "Manager can update membership list".
I can't find the attribute name for this checkbox in ADSI Edit, nothing
seems to change when I check and uncheck the checkbox.

Does anyone know the attribute name for this?

- Bent; Posted by Dmitri Gavrilov [MSFT] on March 3rd, 2004; This checkbox must be affecting the DACL that is put on the group object. If
you check the checkbox, it must be adding an ACE granting write permission
to the current manager. Verify this by enabling View/Advanced features and
examining security settings on the group object.

--
Dmitri Gavrilov
SDE, Active Directory Core

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

"Bent Christensen" <bvc@no_spam_cowi.dk> wrote in message
news:uI35SpTAEHA.684@tk2msftngp13.phx.gbl...; Posted by Paul W. Nelson on March 3rd, 2004; Did you check the "Security" tab? That would be my guess.
ADSI Edit doesn't return the nTSecurityDescriptor attribute. Even if it
did, it is a blob of binary that contains an owner sid, group sid, SACL and
DACL. You would need to use security APIs to deal with this.

--
Paul W. Nelson
Thursby Software Systems, Inc.

in article uI35SpTAEHA.684@tk2msftngp13.phx.gbl, Bent Christensen at
bvc@no_spam_cowi.dk wrote on 3/3/04 10:12 AM:; Posted by Dmitry Korolyov [MVP] on March 3rd, 2004; I believe there no corresponding AD attribute. When you modify the checkbox,
the GUI just updates the object's ACL either granting or removing permission
to modify "members" attribute to the account specified in managedBy
attribute.

--
Dmitry Korolyov [d__k@removethispart.mail.ru]
MVP: Windows Server - Active Directory

"Bent Christensen" <bvc@no_spam_cowi.dk> wrote in message
news:uI35SpTAEHA.684@tk2msftngp13.phx.gbl...
Hi,

In Windows 2003 AD properties for groups, there is a "Managed By"-tab.
Just
below that there is a checkbox "Manager can update membership list".
I can't find the attribute name for this checkbox in ADSI Edit, nothing
seems to change when I check and uncheck the checkbox.

Does anyone know the attribute name for this?

- Bent; Posted by Ulf B. Simon-Weidner [MVP] on March 5th, 2004; Dmitry Korolyov [MVP] says...

since we have three guesses here I'd like to confirm that you are right - I've
verified that a while ago.

Gruesse - Sincerely,

Ulf B. Simon-Weidner

Similar Posts

"installing managed software"....... Message Box (Setup & Deployment) by James
Attention Plus.net Re: SPEWS DOLTS "WindsorFox", "Kevin-!:?)", "SpinDryer" SPAM broadband newsgroup (Internet & Broadband) by !:?)
Plus.net Question Re: SPEWS DOLTS "Spamjamr", "DLU", "Schmuel Metz"destined for the MADHOUSE! (Internet & Broadband) by !:?)
question about new "Leon" and "Pink Floyd The Wall" Discs (Video & DVD) by Vlvetmorning98
Question about 2 new DVD releases, "The Reckoning" and "Tiptoes" (Video & DVD) by The Intrinsically Flawed Mr. Hole