AD account permission for 3rd party application usage?

Eaven HUANG 2,191 Reputation points
2023-09-25T15:16:03.2366667+00:00

Dear Experts,

We have a 3rd party application that will be used to create AD user account via LDAP. I didn't see any official documents instructing what are the appropriate permissions that we should grant for a newly created account, which is used in the 3rd party application. I guess Domain Admins role is good enough but that seems too much to us. We tried the User Management group but it didn't work.

Any advice would be much appreciated.

Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Windows for business | Windows Server | User experience | Other
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Anonymous
    2023-09-26T06:35:41.2333333+00:00

    Hello Eaven HUANG,

    Thank you for posting in Q&A forum.

    Based on the description, I understand you want to make a AD user in a 3rd party application create AD user account via LDAP, am I right?

    If so, you can delegate the permission to an AD user so that he/she can create user account.

    1.Go to the OU where you want to delegate control (if you have no OUs or want to grant this right for the entire directory, go to the root of the tree).

    2.When you get to the Tasks to Delegate pick at least Create, Delete and manage user accounts. Look at the list for other tasks. Click through to complete the wizard.

    cre1

    3.Check if this AD user account can create AD user account via LDAP in the 3rd party application.

    I hope the information above is helpful.

    If you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    ==========================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.