0 votes

What permissions does a Trustee (Specifically a Manager or Owner) need over a Managed Object to make it visible in their My managed objects?

The Trustee can view their own Managed Objects on their own user and if I give full Read permission over the relevant managed object it becomes visible, but I'm trying to limit the number of permissions to assign to the Trustee over the Managed Object.

Presumably I'm missing read permissions of specific attributes, which are the minimum I need to allow?

by (210 points)

1 Answer

0 votes
by (274k points)

Hello,

Yes, that is correct. For a user to be able to see an object, the Read permission is required and is the only such.

0

But won't that give the Trustee read access to all their attributes? I don't want that, I only want to give read access to the minimum specific attributes.

0

Hello,

Yes, it will and there is no other way. If there are certain attributes you want user to not be able to see, you need to add corresponding deny permissions.

Related questions

0 votes
0 answers

Good Afternoon, I'm looking for some clarification on what security settings I would need to apply to the Self-Service Users to allow them to update both their own ... accounts they have full access to. Please let me know if this requires more clarification.

asked Jul 22, 2021 by jtop (680 points)
0 votes
1 answer

What permissions are required in Exchange Online to use the "Cancel meetings organized by the user"?

asked Jun 5, 2023 by william.malone (60 points)
0 votes
1 answer

I have a root OU that I created called Disabled. I want to give the Computer Manager role the necessary permissions to move a computer to any OU/sub tree desired. They can ... -in computer OU but nothing else. What Permissions do I need to give them? Thanks!

asked Apr 30, 2012 by mpaul (360 points)
0 votes
1 answer

What is the minimum permission required to move user accounts between OUs?

asked Feb 14, 2012 by BradG (950 points)
0 votes
1 answer

I am working with Adaxes for the first time. Looking to set up the service account so it can actually make changes to AD not just to register the Adaxes Service. I would rather ... the Adaxes service. What I am unable to do is have adaxes make changes to AD.

asked Sep 21, 2022 by mightycabal (1.0k points)
3,386 questions
3,085 answers
7,840 comments
545,546 users