Modifying users in standard zones
In a standard zone, modifying user account properties for a user with a standard Active Directory security group as the primary group requires the following permissions:
Select this target object | To apply these permissions |
The serviceConnectionPoint object for the user account For example, if you are using classic zones and the UNIX user name is chris: domain/UNIX/Zones/Finance/Users/chris
then select serviceConnectionPoint objects |
Click the Properties tab and select Allow to apply the following properties to this object only:
If you are changing the UNIX user name for the user, you need the following additional permissions applied to this object:
Note The Name property is the common name (cn) of the serviceConnectionPoint object. |
Note: You can set the permissions for modifying user accounts by clicking Permissions when you are viewing the Centrify Profile for a user.