LDAP-UX Client Services B.04.00 with Microsoft Windows 2000/2003 Active Directory Administrator's Guide
Installing LDAP-UX Client Services
Configuring Active Directory for HP-UX Integration
Chapter 228
— Delegate POSIX attribute read access to the proxy user. By doing
this, you allow the proxy user to read only POSIX attributes of
user and group objects:
1. Start Active Directory Users and Computers.
2. Click the container which contains the proxy user, usually it
is “Users”.
3. Select Delegate Control from the Action menu.
4. The Delegation of Control Wizard starts, click Next.
5. On the following screen, click Add to get a list of users
groups, Choose the proxy user, and click Add and OK.
6. Back to the screen to select users and groups, Click Next.
7. You are given the screen to identify the scope of the task you
want to delegate, select Only the following objects in
folder, check Group objects, click Next.
8. For SFU, version 2.0:
you are given a screen to select permissions. Select
Property-specific and the following permissions:
— Read gidNumber
— Read memberUid
— Read msSFUName
then click Next
For SFU, version 3.0 or 3.5:
You are prompted to select permissions. Select
Property-specific and the following permissions:
— Read msSFU30GidNumber
— Read msSFU30MemberUid
— Read msSFU30Name
then click Next
9. You are given the screen which confirms your configuration,
click on "finish" if everything is correct, otherwise, click
"Back" to change.