Re: Granting Write Access to Active Directory User Properties
- From: Tomasz Onyszko <T.Onyszko_nospam_@xxxxxx>
- Date: Wed, 22 Feb 2006 15:57:33 +0100
NRC Help wrote:
One of our programmers is writing an application that will need to modify user properties in Active Directory 2003. By "modify" I mean that the current fields for General, Telephones, Organizational etc. will be written to, but he will also need the ability to create new fields, such as Vita, web page url etc.
What permissions do I need to set, and where do I set them?
You have to give to this application account permissions to write to appropriate AD attributes, check if informations You need are not included in Personal Information Set or other property set:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adschema/adschema/property_sets.asp
http://www.microsoft.com/technet/scriptcenter/topics/security/propset.mspx
Of course You cen delegate permissions to single attributes but property sets simplifies this process a little.
--
Tomasz Onyszko
http://www.w2k.pl/blog/ - (PL)
http://blogs.dirteam.com/blogs/tomek/ - (EN)
.
- Prev by Date: RE: Slow Log on to 2003 domain, xp clients + 2000 TS - NOT DNS pro
- Next by Date: RE: Slow Log on to 2003 domain, xp clients + 2000 TS - NOT DNS pro
- Previous by thread: RE: Slow Log on to 2003 domain, xp clients + 2000 TS - NOT DNS pro
- Next by thread: RE: Granting Write Access to Active Directory User Properties
- Index(es):
Relevant Pages
|
Loading
