Listing groups in RFC 2307-compliant zones

In a standard RFC 2307-compliant zone, listing group account information requires the following permissions:

Select this target object To apply these permissions

The serviceConnectionPoint object for the user account

Click the Properties tab and select Allow to apply the following properties to this object for each user included in the list:

  • Read displayName
  • Read keywords
  • Read managedBy
  • Read objectClass
  • Read objectGUID
  • Read Name to display the group name
  • Read gidNumber to display the group GID