DocumentationRelease Notes
Documentation

Delegate permissions to manage UNIX attributes in Directory Integrated mode

Suggest Edits

This section applies to AD Bridge administrators that are working in an AD Bridge Directory Integrated - Default Cell mode environment.

ℹ️

In a Named Cell environment, you can use the Delegation of Control wizard accessible from the Cell Manager. For more information, see Manage cells with AD Bridge Cell Manager.

  1. In Active Directory Users and Computers, right-click the OU, and then select Properties.
  2. Select the Security tab.
  3. Click Advanced, and then click Add.
  4. Select Select a Principal.
  5. Select the user or group that you are delegating permissions to, and then click OK.
  6. From the Type menu, select Allow.
  7. From the Applies to menu, select the object type that the permissions will apply to.

Permission Entry screen in Directory Integrated Mode

  1. Go through the list of properties and select the UNIX attributes:

ℹ️

For a list of the required properties, see Provision user accounts and Provision group accounts.

  1. Click OK.

Provision user accounts

When provisioning UNIX user accounts, AD Bridge administrators must be able to manage the following RFC2307 attributes:

  • displayName
  • GECOS
  • gidNumber
  • loginShell
  • uidNumber
  • uid
  • unixHomedirectory

Provision group accounts

When provisioning UNIX groups, AD Bridge administrators must be able to manage the following RFC2307 attributes:

  • description
  • gidNumber
  • displayName. You must set the permission in adsiedit.msc.

Updated 16 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.