Rights for eDirectory
Novell Cool Solutions: Question & Answer
Reader Rating 
Q:
I have installed Nsure Identity Manager 2.0 and created a special Admin user for it. What rights does this Admin user need in eDirectory?
A:
It depends on what you want Identity Manager to do:
- It needs read rights to any attribute on any object that will be synced out.
- It needs write rights to any attribute on any object that will be synced in.
- It needs delete rights to any object that will be deleted or moved.
- It needs creation rights to any container where you will be creating objects or moving objects to.
- It need supervisor right to any object where you will be syncing passwords in or out.
- Usually it is set up with just the supervisor rights to the subtrees of interest because pretty much covers everything.Also remember that you can't make your new admin user Security Equivalent and then the driver security equivalent to your admin user, because Security Equivalence is not inherited in eDirectory.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com