This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Native Security and other Tabs

Currently only full admins can view all the tabs,   AR Server Security, AR Server Policy, Group Policy, Group POlicy Inheritance and Native Security.   If I wanted to allow a user or a group of users the ability to see these tabs, how would I go about doing that while not giving them the ability to actually add anything such as a template, policy or edit native permissions.

Thanks in advance

  • These tabs are controlled with Read Control and Write Control permissions in ARS. So, if you want users to see these tabs, deleget Read Control permission for them. This permission is located in the "object access" category on the Add Permission Entry wizard.

    Regards,
    Andrei [Quest]
    This posting is provided "AS IS" with no warranties, and confers no rights
  • Thanks for the reply Andrei,
         I'm a little thrown off though.   I have read permissions to the OU, have even used the delegate wizard but still do not see the tabs.  Just to try to make it simple in the beginning I chose a pre-defined Policy for both Users and OUs that had read all permissions and do not see the tabs.   What Object class should I be choosing if not those?

    Thanks,
    Rad

  • Ok,  I ended up opening a support ticket.   Here is what is really needed.

    Read All objects on configuration under Active Directory

    Then you need to create an access template with the following

    User - Read Control
    User - Read All properities
    Organizational Unit - Read Control
    Organizational Unit - Read All properities.


    That will do it.

  • Thanks for this - exactly what I was trying to figure out.

    I wanted a group of admins to view ALL security - so created template granting Read All Properties AND Read Control to All Objects.

    It is the read Control that was missing - Thanks.