Users Guide
Using Microsoft Active Directory 165
3
Type in a name for the new object. This name must match the
Active
Directory product name
as discussed in "Configuring Active Directory
Using CLI on Systems Running Server Administrator", or for a RAC
device, the name that you will type in step 4 of "Configuring Your Systems
or Devices", or for IT Assistant, the name discussed in "Configuring Active
Directory on Systems Running IT Assistant."
4
Select the appropriate
Product Object
.
5
Click
OK
.
Creating a Privilege Object
Privilege Objects must be created in the same domain as the Association
Object to which they are associated.
1
In the
Console Root
(MMC) window, right-click a container.
2
Select
New
.
3
Select a RAC, Server Administrator, or IT Assistant object, depending on
which you have installed.
The
New Object
window appears.
4
Type in a name for the new object.
5
Select the appropriate
Privilege Object
.
6
Click
OK
.
7
Right-click the privilege object that you created and select
Properties
.
8
Click the appropriate
Privileges
tab and select the privileges that you want
the user to have (for more information, see Table 10-2 and Table 10-8).
Creating an Association Object
The Association Object is derived from a Group and must contain a group
Type. The Association Scope specifies the Security Group Type for the
Association Object. When you create an Association Object, you must choose
the Association Scope that applies to the type of objects you intend to add.
Selecting Universal, for example, means that Association Objects are only
available when the Active Directory Domain is functioning in Native Mode
or above.
1
In the
Console Root
(MMC) window, right-click a container.
2
Select
New
.