How to create an access template to allow only modification of user's phone numbers (4341354)

Follow the steps below to create an access template to only allow a user to modify user telephone numbers in Active Directory through the Active Roles MMC.

1. Navigate to Access Templates within the MMC
2. Right click and select New > Access Template
3. Type in an approriate name
4. Click Next
5. Click Add
6. Toggle Only the following classess radio button
7. Select the Domain check box and click Next
8. Toggle Object access
9. Check the List Object check box
10. Click Finish
11.  Follow steps 5 to 10 again this time add Read All Properties
12. Follow steps 5 to 10 again and for step 7 select Organizational Unit
13. Set the same two permissions that was set for Domain
14. Do this again for User with the same permissions
15. Add Write Telephone Number permissions for User
16. Click Next
17. Click Finish

Next link the access template to a user and directory object. Follow the steps below:

1. Right click on the access template
2. Select Links
3. Click Add
4. Click Next
5. Click Add
6. Type in the Domain or OU where this will be applied
7. Click OK
8. Click Next
9. Click Add
10. Type in the user to apply this template
11. Click OK
12. Click Next
13. Click Next
14. Click Next
15. Click Finish