Re: Permissions to do AD Lookups?
- From: "Chris Sdonka" <csdokna@xxxxxxxxxxxxxxx>
- Date: Fri, 5 May 2006 11:57:44 -0400
so with only authenticated user access they should be able to query the
entire domain, all the OUs, etc?
"Paul Williams [MVP]" <ptw2001@xxxxxxxxxxx> wrote in message
news:1146840071.980475@xxxxxxxxxxxxxxxxxxxxxx
Give them no additional permissions. A user or inetOrgPerson object is a
member of domain users, and the well known security principal
Authenticated
Users. Authenticated Users has all the permissions you need. If it
doesn't, and you need specific read access to non-standard attributes, you
grant accordingly.
--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net
.
- Follow-Ups:
- Re: Permissions to do AD Lookups?
- From: Jorge de Almeida Pinto [MVP]
- Re: Permissions to do AD Lookups?
- References:
- Permissions to do AD Lookups?
- From: Chris Sdonka
- Re: Permissions to do AD Lookups?
- From: Paul Williams [MVP]
- Permissions to do AD Lookups?
- Prev by Date: Restoring to Win2k3 Enterprise from backup of Win2k3 Standard
- Next by Date: Re: Configuring ADAM XML file
- Previous by thread: Re: Permissions to do AD Lookups?
- Next by thread: Re: Permissions to do AD Lookups?
- Index(es):
Relevant Pages
|
