Announcement

Collapse
No announcement yet.

Delegate rights to move users from one OU to another

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Delegate rights to move users from one OU to another

    Hi, I'm trying to delegate rights to move user accounts between OU1 to OU2(to a security group- DelgatedrightsGroup).
    I've already given DelgatedrightsGroup rights to Create and Delete User objects under OU1 and OU2
    At present I've given DelgatedrightsGroup access to WRITE ALL USER ATTRIBUTES under OU1 and OU2. Hence able to move users from OU1 toOU2 as this group .
    My concern here is the I don't want DelgatedrightsGroup to have write access to ALL user attributes.
    Could you please advice to which attributes the DelgatedrightsGroup should have write access in order to move users from OU1 to OU2 and vice verse.. so that I can revoke the extra WRITE access this group has on user objects.
Working...
X