Grant rights to specific groups in OU

What is the best way to grant rights to specific groups in an OU? Using access templates, we are not seeing how we can single out specific groups in an OU; we can only grant permissions to the OU in which they reside, but that gives them access to all the groups in the OU.

  • What we are doing is making these users owners of these groups they need access to so they can manage them. Curious if there is a better way or any different approach.

  • If you have made users the owners of the groups by using the "ManagedBy" attribute, you can delegate access directly to a group owner by using Active Roles' built-in Primary Owner security principal / Trustee.

    I.e., when you are linking an Access Template, instead of specifying a user or group from AD, simply type "Primary Owner" and click Check Names.

    By doing this, Active Roles will look at whoever the logged-in user is and check if they are the Owner of the group or not.

    You can do the same thing for Secondary Owners (if you use this feature / virtual attribute).
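
Added example, not part of the original thread: because a "Primary Owner" link follows whatever is in each group's ManagedBy attribute, it is worth reviewing that attribute across the OU before linking the Access Template. The function name, the sample groups and the `example.test` DNs are constructed for illustration; `Get-ADGroup` comes from the Microsoft ActiveDirectory module.

```powershell
# Review who would gain rights through a "Primary Owner" Access Template link.
# Input objects need Name and ManagedBy, as returned by
# Get-ADGroup -Properties ManagedBy. Function name is hypothetical.
function Get-OwnerDelegationReport {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Group
    )
    process {
        $owner = [string]$Group.ManagedBy
        [pscustomobject]@{
            Group   = $Group.Name
            Owner   = if ($owner) { $owner } else { $null }
            # NoOwner: the link delegates this group to nobody.
            Finding = if ($owner) { 'OwnerSet' } else { 'NoOwner' }
        }
    }
}

# Constructed sample data standing in for the groups of one OU.
$sample = @(
    [pscustomobject]@{ Name = 'GG-Finance-RW'; ManagedBy = 'CN=Alice Example,OU=Users,DC=example,DC=test' }
    [pscustomobject]@{ Name = 'GG-Finance-RO'; ManagedBy = 'CN=Alice Example,OU=Users,DC=example,DC=test' }
    [pscustomobject]@{ Name = 'GG-HR-RW';      ManagedBy = 'CN=Bob Example,OU=Users,DC=example,DC=test' }
    [pscustomobject]@{ Name = 'GG-Legacy-App'; ManagedBy = $null }
)

$report = $sample | Get-OwnerDelegationReport

# Per-group view: which owner each group would be delegated to.
$report | Format-Table -AutoSize

# Per-owner view: how many groups each owner would be able to manage.
$report | Where-Object Owner |
    Group-Object Owner |
    Sort-Object Count -Descending |
    Select-Object Count, Name

# Groups with no owner set, which the link would leave unmanaged.
$report | Where-Object Finding -eq 'NoOwner' | Select-Object Group

# Against a live directory (OU DN is a placeholder):
# Get-ADGroup -Filter * -SearchBase 'OU=Groups,DC=example,DC=test' `
#     -Properties ManagedBy | Get-OwnerDelegationReport
```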