7,023 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello Eaven HUANG,
Thank you for posting in Q&A forum.
Based on the description, I understand you want to make a AD user in a 3rd party application create AD user account via LDAP, am I right?
If so, you can delegate the permission to an AD user so that he/she can create user account.
1.Go to the OU where you want to delegate control (if you have no OUs or want to grant this right for the entire directory, go to the root of the tree).
2.When you get to the Tasks to Delegate pick at least Create, Delete and manage user accounts. Look at the list for other tasks. Click through to complete the wizard.
3.Check if this AD user account can create AD user account via LDAP in the 3rd party application.
I hope the information above is helpful.
If you have any question or concern, please feel free to let us know.
Best Regards,
Daisy Zhou
==========================================
If the Answer is helpful, please click "Accept Answer" and upvote it.