Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
223
Views
0
Helpful
1
Replies

AD Admin Account Permissions

chuser
Level 1
Level 1

‎06-20-2005 10:51 AM - edited ‎03-18-2019 04:43 PM

I have an Active Directory Question. I am trying to understand the different permissions, a Domain Admin and a local Administrator have? We have a client with a unity at 4.04. The main admin account is listed as a Domain Admin. They Domain Controller and AD is off box.(Which I see in the install guide is for domain controllers not member servers). They want it to only have add and delete permissions on the DC server itself,not the supreme permissions that it seems to have now. I am trying to figure out what are the different things each permission can and can not do? Make sense? Thank you much

Labels:
0 Helpful
1 Reply 1

kechambe
Level 7
Level 7

‎06-20-2005 11:18 AM

Unity doesn't use the local administrator account. We do place the domain level Unity service accounts in to the local administrators groups to allow access to various resources on the Unity server.

None of the Unity accounts should have domain admin permissions. People often add our accounts to these groups and it is 100% not necessary and in a lot of cases can actually negatively impact our effective rights.

This URL has the specific required permissions for the accounts:

http://www.ciscounitytools.com/HelpFiles/PW403+/PWHelpPermissionsSet_ENU.htm

Any deviation from these permissions isn't supported by Cisco. This includes placing the accounts in any groups.

Let me know if this answers you question or not.

Thanks,

Keith

0 Helpful
Customers Also Viewed These Support Documents