0 votes

When I build a report for "everyone" (and specifically for use by self service users) and define a scope that is specific to an OU, it runs fine in the web interface when I run it in my capacity as a network administrator; however, when I run it in the Self Service Portal (as a self service user), the report fails and it appears that it is unable to resolve the OU and instead is showing the SID/GUI for the specific OU.

Here's what I get when I try to run the report in the Self Service Portal:

Amarillo Extension Report Error.jpg

Here's the scope setting for the report:

Scope Setting.jpg

Here's the security role for the self service user:

Self-Service User Security Role Permissions.jpg

I'm not sure what permission seems to be missing that would allow this report to run properly and the Scope to be recognized for the self service user. Without this, the report is VERY slow because it is unable to isolate a smaller subset for the search. And I know it works as a different user (with essentially "full control" access to everything), so I'm not sure where to start.

Thanks!

by (50 points)

1 Answer

0 votes
by (270k points)
selected by
Best answer

Hello Bill,

According to the error message, the logged on user does not have the permissions to actually see the Users OU. The thing is that the Security Role in your screenshot does not grant any permissions over OUs. Also, the permission for reports in the role will not work. To grant permissions to view reports you need to use specific users or groups as trustees. For your information, the Self security principal is only used to grant permissions to users over their own accounts.

For information on how to grant permissions to see objects, have a look at the following tutorial: https://www.adaxes.com/tutorials_DelegatingPermissions_HideADObjectsFromUsers.htm. For example, to allow all users to see the Users OU, your Security Role will look like the following: image.png For information on how to delegate the permissions to view reports, have a look at the following tutorial: https://www.adaxes.com/tutorials_DelegatingPermissions_GrantRightsToViewReports.htm.

Related questions

0 votes
1 answer

Hi, I'm trying to add an custom command under Actions. While I'm able to add them under UI editor, it is not visible when a user logs into self-service portal. However, other default actions are visible when I toggle them in UI editor.

asked Feb 5 by Renugopal (120 points)
0 votes
0 answers

Upgraded to the latest adaxes release yesterday and now this morning we are not able to access our self-service portal. We have rebooted our server and verified our adaxes service is successfully connected our domains. Any help would be appreciated, thank you!

asked Mar 14 by dhodgin (40 points)
0 votes
0 answers

Hi, Through the Adaxes Web Configurator i would like to be able to setup an action so a user can be added to a Microsoft Team through the self service portal. The ... then test again all the disribution groups show up. Any thories on why this is happening?

asked Nov 28, 2023 by STIG (40 points)
0 votes
1 answer

would like to know the method to provide a button to security Q&A reset for enrolled users to Adaxes Admins via Web UI

asked Mar 21, 2023 by Vish539 (310 points)
0 votes
1 answer

We have implentend Adaxes in our infrastructure and users who use forget their password link via Adaxes self service portal by going thorugh the registered Q&A are being prompted to ... by a specific business rule, I am unable to check this via the log

asked Mar 14, 2023 by Vish539 (310 points)
3,326 questions
3,025 answers
7,724 comments
544,678 users