I've created a custom delegwiz.inf file for you. To use it, do the following:
- if your workstation has aduc installed, search your %systemroot%\system32\ for the original delegwiz.inf file. rename it keep a copy.
- save the attached file as delegwiz.inf and copy it into the directory where the original one existed.
- create a test john.doe user account. you'll delegate rights to this account as a test.
- launch aduc and navigate to the ou where you want to grant this right to, then right-click the ou and go through the delegation control wizard. when going through the wizard, you can choose the "Edit Logon Script Path" option and it will delegate the right to Read & Write values to the logon script path field.
- run aduc as that john.doe user account and test to validate that he only has writes to modify the logon script path in user accounts in the ou that you gave him rights to.
- if it works just like you need, use it to further delegate this right to other ous as required.
Let me know how it goes and if it accomplishes what you need.
