security role

I have a user that I put in charge of the security ROLE, so when she creates a new Ressource she will be able to give access to Navision for the new user. But when she tries to change a password of some other user that has more permission then her I receive the message : “You cannot delete or change the user ID XX, because the user has permissions that you don’t have” Is there a way out or is it normal ?

This is normal and quite correct. Even with the security group assigned, any user can only give access to other users for groups that they themselves are a member of. I’m not aware of any way around this apart from obviously expanding the users own permission groups.