Grant Rights to Create and Modify Business Units
In order to allow specific users or groups to create and modify virtual collections
of Active Directory objects called Business Units, you need to grant them the permission
to create/delete Business Units and permission to write all properties of Business Unit
objects. For this purpose, you need to create a Security Role that grants these permissions
and assign the new Role to the users or groups, whom you want to allow managing
Launch Adaxes Administration Console, right-click your Adaxes service, point
and click Security Role
. The Create Security Role
wizard will open.
Enter the name for the new role and click Next.
On the Role Permissions
page you need to specify which permissions the new role will
grant. The permissions for Business Unit management are predefined in the list of common tasks.
So, to quickly add these permissions to the role, click the arrow inside the Add
and choose Manage Business Units
. Click Next
With the help of the drop-down menu you can add permissions for other
common tasks, such as managing user accounts, groups, Business Rules, Security Roles, Property
Patterns, or Custom Commands, modifying group membership, reading contact information, etc.
Here, at the Assign Role
page, you need to specify the users or groups to which you want
to assign the new role.
To quickly find a user or group, type its name in the search field and click the
Select a user or group in the list of available trustees and click the Assign
In the Role Activity Scope
dialog that opens, select Configuration Objects
, and then click OK
When the assignment is added, it will be displayed in the Assignments
list. To add
assignments to other users or groups, repeat steps 4 and 5.
When all necessary assignments are added, click Finish