|
Note: The following procedure instructs you to use ADUC (Active Directory Users and Computers) to set up an Active Directory user by the name of "ADuser" referred to by other examples in this guide. |
To create an Active Directory user account
In the Active Directory Users and Computers console, select the Users folder and click the New User button.
On the New Object - User dialog, enter information to define a new user named ADuser and click Next.
The New Object - User wizard guides you through the user setup process.
When you enter a password, clear the User must change password at next logon option, before you click Next.
Click Finish.
Close Active Directory Users and Computers and return to the mangement console.
Using the controls at the top of the mangement console's Active Directory tab, you can search Active Directory for users, groups and computers. With proper credentials, you can also search for Unix-enabled users and groups (requires Authentication Services 4.x).
|
Note: The Active Directory tab is only available when you are logged onto the console as an Active Directory user. (See Active Directory Configuration for details.) |
To search for Active Directory objects
|
Note: The mangement console uses Ambiguous Name Resolution (ANR) as the search algorithm to search Active Directory. This allows you to enter limited or partial input to find multiple objects in Active Directory. Use one of the following methods to enter your search expression:
(See Ambiguous Name Resolution for more information.) |
To search for all objects matching the object type you specify in the Find box, do not enter any characters in the Search by name field.
For example, to search for all groups in the forest, do not enter anything in the Search by name box, select Groups from the Find box menu, and click .
By default, the mangement console searches the entire forest configured for Active Directory.
|
Note: To clear the search criteria and results, click the |
When logged in with an Active Directory account in the Manage Hosts role, you can view the properties of Active Directory user accounts from the Active Directory tab. However, you must have permissions in Active Directory to modify Active Directory user properties.
To view or modify the properties of an Active Directory user
Double-click the user name to open the Active Directory user's properties.
You can also right-click the user name and choose Properties.
|
Note: Please review the following notes regarding the account options:
|
|
Note: You cannot make modifications to this view through the mangement console. |
When logged in with an Active Directory account in the Manage Hosts role, you can view the properties of Active Directory group accounts from the Active Directory tab. However, you must have permissions in Active Directory to modify Active Directory group properties.
To view or modify the properties of an Active Directory group
You can also right-click the group name and choose Properties.
|
Note: Searching for the members of an Active Directory group works most efficiently when there is a global catalog for the group's domain. If a global catalog for the group's domain cannot be found, the search may be slower. |
The Add Members To Group dialog displays.
Use the search controls to display a list of Active Directory users and/or groups available to add to the Active Directory group.
Select the users and/or groups you wish to add and click OK.
|
Note: You cannot make modifications to this view through the mangement console. |
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy