How to change a domain user's permission in AD
- 1 minute to read
- Print
- DarkLight
- PDF
How to change a domain user's permission in AD
- 1 minute to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
In this article, you will find a step-by-step guide on how to perform the permission change for domain users on the Active Directory (AD) server.
Info
By following the steps in this tutorial, permission will be given to the whole group of users inserted in the selected folder. To grant permission to just one user, access How to change a domain user's password in AD document.
Requirements
- Be an administrator user or have administrative privileges to change Active Directory.
- Have the Active Directory User and Computers installed.
Change permission
- At the Active Directory (AD) server, find the group whose permission you want to edit.
- Right-click and choose the option Delegate control.
- In the window Users or Groups, click Add.
- In the Enter the object name to select (examples) field:
- Enter the user who will be allowed to change the password.
- Click OK.
- Back to the Users or Groups screen, click Next.
- From the list, select Reset user passwords and force change at next logon.
- Click Next.
- Click Finish.
Confirm the change
- Go to senhasegura. In the upper left corner, click the Grid Menu, represented by the nine squares, and select PAM Core.
- In the side menu, select Credentials > All.
- From the list, select the credential that you modified in AD.
- In column Action, click on the icon represented by the three vertical dots, and click Edit.
- In the Credential window, click Execution Settings.
- See that the Change plugin field has the value of LDAP, and the user in the Authentication credential field is registered in AD.
- Click X to close the window.
Do you still have questions? Reach out to the senhasegura communityhttps://community.senhasegura.io/.
Was this article helpful?