AD access

Craig_GoddenCraig_Godden Customer IT Monkey ✭
What extra piece do we need in order to unlock accounts and reset password for user account in True Control Center?

Answers

  • F_ChristiansenF_Christiansen Cireson Dev Advanced IT Monkey ✭✭✭
    Hi Craig,

    In a typical setup, the account you have specified for the IIS Application Pool for TCC must have Unlock User Account and Change Password in Active Directory.
    If you need the specific AD Object permission to set, I can provide them for you.

    Best regards
    Flemming Appelon Christiansen
  • Craig_GoddenCraig_Godden Customer IT Monkey ✭
    I have tried adding that account into our account operators but does not seem to help. Do i need to restart any services after applying to that account?

    I guess i could add it specifically to that OU
  • F_ChristiansenF_Christiansen Cireson Dev Advanced IT Monkey ✭✭✭
    Remember that when granting the IIS App Pool account membership to Account Operators, that token is updated upon re-login. For IIS, I woill assume that you should at least do a IISReset.
    Also note that Account Operators does not have permissions to alter account in the Administrator and Domain Admin groups.

    When you have tried unlocking or resetting password, check the Events for any errors.

    Best regards
    Flemming Appelon Christiansen
  • Craig_GoddenCraig_Godden Customer IT Monkey ✭
    I have done multiple IIS reset ... the account is a standard account i will check events if i can find one


  • F_ChristiansenF_Christiansen Cireson Dev Advanced IT Monkey ✭✭✭
    Hi Craig,

    Any luck with this?
  • Craig_GoddenCraig_Godden Customer IT Monkey ✭
    So i found the group that granted access for unlock. just need to find the one that allows for password reset
  • Brian_WiestBrian_Wiest Customer Super IT Monkey ✭✭✭✭✭
    I haven't seen any KB's on how to setup TCC for password reset configuration. However it should work along that same lines of the password reset application Cireson published. https://support.cireson.com/KnowledgeBase/View/1191#/ 
    Just use the TCC application pool account and configure in AD based on the KB.
    HTH
Sign In or Register to comment.