Delegating access to perform administrative actions via the Management Shell is performed via the use of Access Templates, and uses the same access control as other clients, such as the Console and Web Interface.
Access Templates can be delegated to provide administrators the required rights to perform administrative actions in Active Roles. Access Templates are not client specific, as delegating an Access Template will provide rights to perform actions using all Active Roles clients non selectively.
Please note that it is not possible to delegate rights to any single Active Roles user interface.
When using the Management Shell as a client, the -Proxy switch is required to ensure the cmdlets are routed through the Active Roles service, where access checks can be performed. When not using the -Proxy switch, cmdlets are executed directly against AD.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback 利用規約 プライバシー