IDM More Read Permissions

less than 1 minute read

Description:

NetiQ Identity Manager is a LDAP directory software used in larger companies. In this example, I had a service account that need to perform LDAP lookups but wasn’t returning all the properties for a user. I did the following steps to give the account more rights so that it would return all properties instead of a subset of properties:

To Resolve:

  1. Sign into web GUI of iManager => Roles and Tasks => Rights => Rights to Other Objects

  2. Trustee Name: $PathToServiceAccount

  3. Context to search from: [root]

  4. Click okay => Next screen should be blank.

  5. Now click ‘Add Object’ => (select your tree root) => click ‘assigned rights’

  6. Click the Property Name and make sure the following are checked:
    • [All Attributes Rights] - Compare, Read
    • [Entry Rights] - Browse
  7. Test by signing into Apache Directory Studio before and after and doing a quick search on your LDAP tree. You should see more properties afterwards!

-----------------------------------------------------------
Spotted a mistake in this article? Why not suggest an edit!
-----------------------------------------------------------

Comments