Adaxes

Service Admins?

0 votes

I have been testing with setting up a business rule to deny modify if the initiator is not in the managed by attribute of the object. I have an OU with users in it. I have created a role that allows authenticated users to modify group membership and reset passwords to this OU. I set up a business rule that would cancel the operation with access denied if the initiator is not in the managed by attribute for the object and assigned it to the OU. I was surprise to be effected by this rule as a Service Admin. I am set up as an administrator for Adaxes via the Administrators tab in the server properties. Would this be considered a normal function or should I had unrestricted access? If it is normal, is there a way to indicate in the business rule 'if initiator is a service admin'?

Thanks

by (1.2k points)

1 Answer

0 votes
by (18.0k points)

Hello,

Yes, it's a normal function. It is possible to check whether the initiator is a service admin using the If PowerShell script returns true condition.

Today we are releasing a minor update that will allow you to assign Security Roles to group owners. There will be two new security principals:
- Owner (Managed By)
- Manager

So, if you want to grant permissions to the user or security group specified in the Managed By property of a group, you'll need to assign your role to Owner (Managed By):

0

Has this update been released yet? I have been checking frequently and have not seen it yet. Not that I want to be a pest, but this is something that we are very excited about and we can't wait to get the update.

Thanks

by (1.2k points)
0

Hello,

We are in the process of building installation packages. I'll update this post as soon as the new version is available.

by (18.0k points)
0

Hello,

The update has been released today.

You can download it here.
Note that you need to perform additional steps to preserve Approval Requests after the upgrade. For details, see upgrade instructions.

by (216k points)

Related questions

0 votes
1 answer
How to provide a button in web UI for Admins to reset Q&A for users enrolled Self-Service portal

would like to know the method to provide a button to security Q&A reset for enrolled users to Adaxes Admins via Web UI

asked Mar 21, 2023 by Vish539 (310 points)
0 votes
1 answer
Group domain-admins

How do I get domain-admins? Which permission do I need to configure to appear in the group? https://imgur.com/4Wy6rOb

asked Dec 20, 2018 by tiagotoledo (360 points)
0 votes
1 answer
Adaxes is slow for "regular users" but not for admins

Hi again :-) It seems that Web interafces is very slow for any kind of operation (search, modifiy) when the user is part of several ACL in Adaxes. It took me some time ... i'm afraid they stop using the tool if nothing is done. Thanks for your help. Stephen

asked Mar 29, 2012 by sroux (800 points)
0 votes
0 answers
The password self service at windows login works on windows 10 but not windows 11.

We have followed your instructions to set up the password self service and we got it to work on windows 10 but the link does not show up on windows 11. is there something we can do to get the link to show up?

asked 3 days ago by rechevarria (20 points)
0 votes
1 answer
Why don't I see all Active Directory groups in self service

We are testing Adaxes. After installing I tried the Self Service portal. I was impressed with how much it automatically found right out of the box. When I click on join a ... control this? How would I get it to see groups that are not showing? Thanks, Randy

asked Apr 25 by rjangelin (20 points)
3,358 questions
3,057 answers
7,805 comments
545,184 users