You can use the CreateZoneAndDelegate sample script to automate the creation of new zones and assign an Active Directory user or group to be the zone administrator. By default, the script delegates all administrative tasks to the user or group you specify. To use the script without modification, you simply need to specify the Active Directory container where you want to create the zone, the zone name, and the user or group who should be designated the zone administrator.
To create new zone using the sample script:
- Open the Centrify Access Module for PowerShell.
- Verify you are in the directory where the scripts are located.
-
Execute the sample script with the required command line arguments.
.\CreateZoneAndDelegate -Container “cn=Zones,ou=Acme Sales,dc=pistolas,dc=org” -ZoneName seattle -trustee frank.smith@pistolas.org
- Open Access Manager.
-
Select Zones, right-click, then select Open Zone to search for and select the new zone.
If you want to delegate specific administrative tasks, you can copy the sample script and modify the Set-CdmDelegation call to specify a list of tasks. For example:
Set-CdmDelegation -Zone $zone -Task "AddUsers",”AddGroups” -Trustee $trustee; Write-Host "$trustee is delegated the rights to add users and groups.";
Doc Feedback