Active Directory write permissions let edit users information but not administrator-users information

active-directory windows-server-2008-r2 delegation

Solution 1:

Probably the SDAdminHolder feature. It blocks permission inheritance for accounts that are members of the protected groups. You could confirm this by inspecting the permission on the accounts, and the permission of the account parent container.

Related

iSCSI: LUNs per target?
what is acceptable datastore latency on VMware ESXi host?
Dell PowerEdge R720xd stuck in BIOS [closed]
Check IP who is visiting my site on nginx
Why bother reverse proxying applications if you aren't using mod_security or TMG/UAG?
Use WMI to remove a page file
How to limit connection speed
Nginx cannot access upstream .sock file and public folder
How to remove the SMTP address for a secondary domain from all Exchange mailboxes?
vmware on unsupported hardware, should I avoid at all costs?
Disable LDAP authentication on Ubuntu
Cron task error: WRONG FILE OWNER