Active Directory Accounts
Axidian Privilege interacts with end users through a service account that reads directory users and their attributes.
Account to Use with User Directory
- Run the Active Directory Users and Computers snap-in.
- Open the context menu of the organizational unit or container.
- Select Create → User item from the menu.
- Specify the user name, e.g, IPAMManager.
- Fill in the required fields and complete the account creation.
Alternatively, you can use an existing account.
Account for Service Operations in Active Directory
- Run the Active Directory Users and Computers snap-in.
- Open the context menu of the organizational unit or container.
- Select Create → User item from the menu.
- Specify the user name, e.g, IPAMADServiceOps.
- Fill in the required fields and complete the account creation.
- Open the context menu of organizational unit, container or domain root.
- Select Properties.
- Open Security tab.
- Click Add.
- Select an account IPAMADServiceOps and click Ok.
- Click Advanced.
- Select an account IPAMADServiceOps and click Edit.
- Specify the value of the field Applies to to the Descendant User objects.
- In the Permissions section check the Reset password checkbox.
- Save.
Alternatively, you can use an existing account.