Our company has local IT (not Domain Admins) at each of our sites that need full control over their users and common area phones. We do not want them to be able to publish the topology. Whenever they run a command in the Lync 2013 shell, they receive the below error:
Cannot read topology. Verify that the topology data is accessible.
Here are some of the commands where the error is being thrown:
Set-CsClientPin -Identity "(name)" -Pin (pin)
Get-CSUser | Where-Object ($_.lineURI -like "tel:+1555"} | Select-Object DisplayName, LineURI | export-CSV -path (path)
I've ran the below commands to give their universal security group full control over their OUs:
New-CSAdminRole (admin group) -template CsUserAdministrator -UserScopes "OU:ou=(site),dc=(domain),dc=(forest)"
Grant-CsOUPermission -OU "ou=(site),dc=(domain),dc=(forest)" -ObjectType "user", "contact", "computer", "InetOrgPerson"
Grant-CsOUPermission -OU "ou=(site),dc=(domain),dc=(forest)" -ObjectType "AppContact", "Device"
Is there a way to give them rights to run these commands?