In our Active Directory (2008 R2), I used delegation to give permission to edit user information attributes such as phone numbers, title, postal address, ... to a group of non-admin users.
Members of this group can now edit most users information, but they can't edit the info of administrators. But why? I didn't find any "Deny" clauses that could be causing that.