Ok, So what I want is for a user to be able to manage the users in his own ou, simple.
The OU is created, and all setup.
This user’s machine is NOT part of the domain, and Windows 7 pro.
I have installed RSAT tools, and setup the server and client so that they are working, ( I tested it with my domain admin account)
But when I try to connect as the user, who has no special privileges in the domain, it gets an access denied. I suspect that he must have some subset of privileges in order to access the domain controller, but I can’t find out what those are. It is important that he have the least privilege possible.