How to I create a user that is allowed to only add/remove users to distribution lists in Active Directory?

Posted by Sorin Sbarnea on Server Fault See other posts from Server Fault or by Sorin Sbarnea
Published on 2012-09-04T15:18:13Z Indexed on 2012/09/04 15:41 UTC
Read the original article Hit count: 212

I do have a third party product (Jira) that has Active Directory integration via LDAP.

I want to enable Jira administrators to edit group memberships and have them syncronized inside Active Directory.

This currently works but I needed to use a Domain Administrator service account in order to do this.

The question is how can I do this without giving the entire Domain Administrator permission to the service account.

© Server Fault or respective owner

Related posts about active-directory

Related posts about domain