Hi,
We applied a custom passwrod generation policy, and we want to force members of certain groups to reset passwords by generation (uneditable).
For example, when "strongUser1" (member of Domain Admins) tries to reset "jdoe"'s password, they should be able to enter whichever password they want.
However, if "helpedskUser3" (member of "Helpdesk Group") tries to reset "scohen"'s password, they shouldn't be able to type (uneditable auto-generated password).
Any ideas on how to achieve that?
If necessary we can attach our password generation policy script, which is just a slightly edited version of the built-in one.
Thanks