Permission for the service account to do the AD password reset

Scenario: we use a service account on LDAPWS that can reset passwords for all users. How can this service account reset the password of an AD user?

Solution: It depends on which OU (and sub-OUs) you grant this service account the password-reset permission on.

Given the organizational structure below:

[Screenshot: aduc_1]

To grant the user “permis01” permission to reset passwords in “suborg” and its children, you can do the following: https://drive.google.com/file/d/0BzejQ4QaVGlhNEdhUWxIR2trZlk/view

What happens:

+ If you change the password of an AD user that belongs to “suborg” or its children, no error is thrown.

+ If you change the password of an AD user that does not belong to “suborg” or its children, e.g. the AD user “permis02”, you receive the error: http://prntscr.com/cdkckh where the LDAPWS error trace is: http://prntscr.com/cdkd0d
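
The OU-scoped delegation described above can also be applied and checked from PowerShell. This is an added example, not part of the original article; the domain `example.com`, its NetBIOS name `EXAMPLE`, and the placement of “suborg” directly under the domain root are assumptions.

```powershell
# Assumed names (not from the original article): domain example.com,
# NetBIOS name EXAMPLE, and "suborg" directly under the domain root.
Import-Module ActiveDirectory   # provides the AD: drive used by Get-Acl below

$ouDn    = 'OU=suborg,DC=example,DC=com'
$trustee = 'EXAMPLE\permis01'

# Well-known Active Directory schema GUIDs
$resetPwd  = [guid]'00299570-246d-11d0-a768-00aa006e0529'  # "Reset Password" extended right
$userClass = [guid]'bf967aba-0de6-11d0-a285-00aa003049e2'  # user object class

# Grant: /I:S   = ACE is inherited by child objects only
#        CA     = control access (extended right)
#        ;user  = applies to user objects in suborg and its sub-OUs
dsacls $ouDn /I:S /G "${trustee}:CA;Reset Password;user"
if ($LASTEXITCODE -ne 0) { throw "dsacls failed with exit code $LASTEXITCODE" }

# Helper: return the Allow ACEs that give $trustee "Reset Password" on a given DN.
function Get-ResetPasswordAce([string]$Dn) {
    (Get-Acl -Path "AD:\$Dn").Access | Where-Object {
        $_.IdentityReference.Value -eq $trustee -and
        $_.AccessControlType -eq 'Allow' -and
        $_.ObjectType -eq $resetPwd
    }
}

# Verify the delegation exists on suborg and targets user objects.
$aces = Get-ResetPasswordAce $ouDn | Where-Object { $_.InheritedObjectType -eq $userClass }
if (-not $aces) { throw "Reset Password ACE for $trustee not found on $ouDn" }
$aces | Format-Table IdentityReference, ActiveDirectoryRights, InheritanceType, IsInherited

# Scope check: the same right should not also be granted on the parent container,
# otherwise users outside suborg (such as permis02) would be resettable as well.
# Simple split; a DN with escaped commas in its first RDN would need a real DN parser.
$parentDn = ($ouDn -split ',', 2)[1]
if (Get-ResetPasswordAce $parentDn) {
    Write-Warning "$trustee also holds Reset Password on $parentDn; delegation is wider than suborg."
}
```

Run it as an account that is allowed to modify permissions on the OU; the ACE shown by the verification step should not be marked as inherited, since it was set on “suborg” itself.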

 
