How do I create an ActiveView so that users are only allowed to create and manage Computer accounts (NETIQKB38839)

  • Document ID:7738839
  • Creation Date:02-Feb-2007
  • Modified Date:19-Jun-2007
    • Micro Focus Products:
      Directory and Resource Administrator

Resolution

goal
How do I create an ActiveView so that users are only allowed to create and manage Computer accounts that begin with 'LON' in the specified OU?

fact
Directory and Resource Administrator 7.x

fix
Launch the Delegation and Configuration console while logged on as an Assistant Admin with the DRA Administration role, and perform the following steps:

  1. Expand Delegation Management.

  2. Highlight ActiveViews and click New ActiveView.

  3. Click Next.

  4. Click Add and select Objects that match a rule....

  5. In the Accounts section, click the Computers link.

  6. Click the any computer link.

  7. Select Computers Matching Wildcard.

  8. Type LON* and click OK.

  9. Click the any OU link.

  10. Select Specific OU.

  11. Browse to and select the desired OU.

  12. Highlight the OU and click OK.

  13. Click OK and click the Add button.

  14. Select Target containers for create operation.

  15. Browse to and select the desired OU (Target Container) where the Assistant Admins should be able to create the computer in.

  16. Click Add and OK.

  17. Click Next.

  18. Type a name for the ActiveView and click Next.

  19. Ensure that the I want to delegate power over this ActiveView after I finish this wizard option is checked.

  20. Click Finish.

  21. Click Next and Add.

  22. Select Users.

  23. Type the name of the user account or group (Assistant Admin) that you want to delegate powers to and click Find Now.

  24. Highlight the user and click Add and OK.

  25. Click Next.

  26. Highlight the user and click Add and select Roles.

  27. Next, type the Create and Delete Computer Accounts role and click Find Now.

  28. Highlight Create and Delete Computer Accounts and click Add.

  29. Click OK and Next.

  30. Click Next again to review the summary and click Finish.


note
Above is an example of how to create an ActiveView, Assistant Admin, and how to associate the Assistant Admin with the ActiveView.  By performing the steps above, the user or all users in the group specified in step 23 will be able to create and delete computer objects beginning with LON.

Additional Information

Formerly known as NETIQKB38839