Adaxes

Unable to view members of a group

0 votes

Howdy!

I'm new to Adaxes.

I followed the tutorial - "Grant rights to modify AD group membership" . When I log in w/ an account that is the owner of a group, there aren't any members listed.
I checked AD to make sure and there are members.

What am I missing?

by (1.7k points)
0

I assigned Authenticated User to the Domain User Security Role and that took care of that.

by (1.7k points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

When you grant permissions to owners of the groups, you grant the permissions for the group object itself. That is, you can grant the right to read or write the properties of the group etc. To be able to view group members, you need to grant the permissions to read the objects that represent the group members in AD. For example, if you want to grant permissions to view users that are members of the groups, you need to grant permissions to view user accounts.

By default, the permission to view all objects is granted by the Security Role called Domain User. It is assigned to Authenticated Users over All Objects, which means that everyone can view everything. If you don't want to grant everyone the permission to view everything, you can grant each group owner the permissions to view only the objects that are members of the group they own. To do this, you need to modify the assignments of the Domain User Role:

  1. Launch Adaxes Administration Console.
  2. Expand the service node that represents your service.
  3. Navigate to and select the Domain User Security Role.
  4. Right-click the default assignment of the Role and click Delete.
  5. Right-click in the Assignments list and click Add Assignment.
  6. Double-click a user or group that is the owner of another group.
  7. Double-click a group that the user or group owns.
  8. In the Assignment Options dialog, select Members of this group.
  9. Click OK two times.
  10. Repeat steps 5-9 for as many group owners as you need and save the Security Role.
0

Thanks for the explanation!
Worked like a charm

by (1.7k points)

Related questions

0 votes
1 answer
Select all members of a group

Hi Is there a way to select all members of a group when you click on a group? I know you can do this via the Reports section, but it would be easier to just select them all when viewing the group.

asked Jan 28, 2013 by kjesoo (960 points)
0 votes
1 answer
Unable to get groupCategory attribute of AD group

Hi, I am making business rule which calls powershell script and inside the script I need to check whether account which is added to group is security group. I am using Get- ... , the same command return, that group type is security So what am I doing wrong?

asked Feb 20, 2020 by KIT (910 points)
0 votes
1 answer
Can I create a rule to count members in a group and send an email if the number approaches a set point?

We have a 3rd party vendor that we are able to add users based on AD security groups. What I need to do is set a parameter for the number of available licenses and whenever ... the group is 495 I would like an email to trigger telling me to add more licenses.

asked Oct 12, 2022 by A_Pastor (70 points)
0 votes
1 answer
View members of groups matching pattern

I've searched the forum and not found an answer. I think other people could use this tool also. We need a way for group owners to audit the membership of the groups they ... If you have any part of this, like existing powershell code, I'd appreciate seeing it.

asked May 1, 2015 by theckel (520 points)
0 votes
1 answer
How to show the members of a business unit in the web client?

Hi, I'm trying to create a web console only for sending SMS using adaxes 2018.2. The SMS-users that are going to use the console should only be able to view users, not edit ... which removes a lot of OUs that the users should not see or be able to browse to.

asked Sep 2, 2020 by eirikza (120 points)
3,346 questions
3,047 answers
7,777 comments
544,976 users