Permissions required for administrative tasks

This chapter describes the permissions required to perform administrative tasks that affect Centrify-specific objects in Active Directory. You can set these permissions manually for individual users and groups who manage Centrify zones in Active Directory. However, setting permissions manually can be time-consuming and error-prone. In most cases, you should use the Zone Delegation Wizard to authorize users to perform specific tasks.

At a minimum, all Access Manager actions require users to have generic Read permission. This permission is typically granted to all Authenticated Users by default.

Because Authenticated Users have read access, they can run reports in the Report Center. No additional rights need to be granted to enable users to run reports.