Active Directory management & automation

Allow/Deny Access to the Web Interface

In Adaxes, access to Active Directory is controlled by Security Roles. When using the Active Directory Web Interface, users can see only the objects they have permissions to view. The same regards the operations on Active Directory objects. If a user doesn't have rights to perform an operation, this operation will not be available and even visible for this user.

For details on how to disallow users to view certain objects in Active Directory, see Hide Active Directory Objects from Users.

Additionally, you can allow or deny specific users or groups to access the Web Interface. In this tutorial, you will learn how to restrict the ability of users to login to the Web Interface.

On the computer, where the Web Interface is installed, start the Web Interface Customization tool.

In the Interface type drop-down list, select the Web Interface you want to configure.

Activate the Access Control tab.


To allow only specific users or groups to log in to the Web Interface, select the Allow specific users or groups only option.

To deny access to the Web Interface for specific users or groups, select the Deny access for specific users or groups option.


In the Users edit box, enter a comma-separated list of users, for whom you want to allow or deny access to the Web Interface.

User names can be entered in either 'user@domain.com' or 'DOMAIN\user' format (e.g. joohndoe@company.com, COMPANY\johndoe).

In the Groups edit box, enter a comma-separated list of security groups, for which you want to allow or deny access to the Web Interface.

Group names can be entered in the 'DOMAIN\group' format only (e.g. COMPANY\Administrators).
You can allow or deny access to the Web Interface for security groups only!

When finished, click Apply.

There is no need to restart IIS to apply the changes, as changes are applied automatically.
? Waiting

Progress status: Checking...