Discussion:
How to set role for users to access in AD only for fetching details and not create/update/delete
(too old to reply)
bagya
2008-04-17 05:34:34 UTC
Permalink
Hello,

Im using Active directory and want to search for a user and retrieve some of
its details using the LDAP API provided by java. But for this i need to get
the context to LDAP with the LDAP admin id and pwd. I want to know is there
a way to set up an user id in AD which can be used only for retrieving
details from AD and not any further admin access.
I mean is there a role based access in AD?

Thanks

url:http://ureader.com/gp/1633-1.aspx
Joe Kaplan
2008-04-17 15:44:14 UTC
Permalink
Generally speaking, a normal user account can search within AD and see most
objects but will not have rights to modify anything except a few attributes
defined on itself. You should not need an admin account for doing what you
are doing.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
Post by bagya
Hello,
Im using Active directory and want to search for a user and retrieve some of
its details using the LDAP API provided by java. But for this i need to get
the context to LDAP with the LDAP admin id and pwd. I want to know is there
a way to set up an user id in AD which can be used only for retrieving
details from AD and not any further admin access.
I mean is there a role based access in AD?
Thanks
url:http://ureader.com/gp/1633-1.aspx
Loading...