0 votes

What rights are needed to view Password Manager Statistics?

I have set Allow Read > All Object Types for a group assigned over Configuration Objects.

But I get a "Data fetching Error" and "Access is denied" dialog when trying to view statistics.

Thank you

by (590 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

For information on how to assign permissions for viewing password statistics see the following article: http://www.adaxes.com/help/?HowDoI.Mana ... PStat.html.

0

I have already set these permissions. I set Read or Read All Properties and Read Logging Information but that does not work.

In the help file its says:
"In the 'General permissions' list, select the Allow check box for the View Password Self-Service Statistics permission."

Allow for what? Does it have to be Full Control?

0

Hello,

The thing is that Password Self-Service Statistics is represented by a directory object of type PasswordSelfServiceStatistics. The object is stored on Adaxes service backend server (an instance of AD LDS). There is a special permission that can be applied to the object in order to access the statistics. The permission is called View Password Self-Service Statistics.

Here are the steps from the article with screenshots:

  1. Launch the Adaxes Administration Console.
  2. In the Console Tree, expand the service node you need.
  3. Expand Configuration / Security Roles.
  4. Select the Security Role, to which you want to add the permission to view statistics.
  5. In the Result Pane, click Add above the list of permissions. The Add Permissions dialog will open.
  6. Click Only selected object types and check Show all objects types below the list of object types.
  7. Check the PasswordSelfServiceStatistics object type.
  8. In the 'General permissions' list, select the Allow check box for the View Password Self-Service Statistics permission.
  9. Click OK.

Related questions

0 votes
0 answers

Good afternoon, As our environment has grown we are spending effort to build out security roles for different departments. I would like to grant the IT department access to ... to the "Configuration Objects" but that didn't get the necessary access Thanks!

asked Jun 28, 2016 by strikk (360 points)
0 votes
1 answer

I have made a deprovision custom command. I cannot change the attribute directReports, so was thinking - i could take the people in the directReports field of the manager ... (and its subordinates) that im running the deprovision custom command from. Any tips?

asked Mar 21 by EdgarsABG (110 points)
0 votes
1 answer

Hi, I have a Business Unit defined based on an LDAP Query which I use to limit the accounts in AD an admin can control. I would also like to limit the scope of the search ... to for the LDAP filter to work on the BU, but having trouble working it out? Thanks,

asked Aug 5, 2014 by dazbo (390 points)
0 votes
1 answer

We are developing a process to mange mailboxes for terminated users. At the time of termination we would like to: convert the mailbox to a shared mailbox. Send an approval ... would run script to grant the manger access to the mailbox. Can this be done?

asked Oct 27, 2023 by mightycabal (1.0k points)
0 votes
1 answer

Can the Password Self Service statistics be presented to end users in a report? The only way I have been able to find the information is in the Admin console ... I would like to be able to provide it to our Helpdesk as a report of some type. Thank you.

asked Oct 28, 2015 by hms.scott (220 points)
3,589 questions
3,278 answers
8,303 comments
548,107 users