What permissions should the "User DN" be provided for the TIBCO Adapter(TM) for LDAP, in order to publish the deleted entries in Microsoft Active Directory Server?

What permissions should the "User DN" be provided for the TIBCO Adapter(TM) for LDAP, in order to publish the deleted entries in Microsoft Active Directory Server?

book

Article ID: KB0092263

calendar_today

Updated On:

Products Versions
TIBCO ActiveMatrix BusinessWorks Plug-in for LDAP -
Not Applicable -

Description

Resolution:
In order to publish the deleted entries in the Active Directory Server,  the  "User DN" provided in the LDAP Adapter instance should be a part of the  server's "Domain Admin" group by default. In other words, the "User DN" should have Administrator rights to publish deleted entries. In the Microsoft ADS Server, when any object is deleted, it is stored in the Deleted Objects container. By default, only the System account and members of the Administrators group can view the contents of this container.

However, for a  non-Admin user to publish the deleted entries, it is required to modify the permissions on the deleted objects container. Please refer to the article in the below link which describes how to modify the permissions on the deleted objects container:
--------
http://support.microsoft.com/kb/892806
--------

Issue/Introduction

What permissions should the "User DN" be provided for the TIBCO Adapter(TM) for LDAP, in order to publish the deleted entries in Microsoft Active Directory Server?
Powered by Wolken Software